www.newschannel5.com Open in urlscan Pro
13.226.145.126 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cbsnews5.com/
Effective URL:
https://www.newschannel5.com/
Submission: On July 22 via api (July 22nd 2021, 8:35:32 pm UTC) from US

Summary HTTP 433 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 112 IPs in 11 countries across 94 domains to perform 433 HTTP transactions. The main IP is 13.226.145.126, located in United States and belongs to AMAZON-02, US. The main domain is www.newschannel5.com.
TLS certificate: Issued by Amazon on February 5th 2021. Valid for: a year.

This is the only time www.newschannel5.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.230.85.241 44.230.85.241	16509 (AMAZON-02) (AMAZON-02)
6	13.226.145.126 13.226.145.126	16509 (AMAZON-02) (AMAZON-02)
19	13.224.193.15 13.224.193.15	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:1800:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:218... 2600:9000:2182:5e00:9:4c16:5180:21	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700:303... 2606:4700:3031::ac43:d645	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.224.193.67 13.224.193.67	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:2c00:d:77c3:2dc0:21	16509 (AMAZON-02) (AMAZON-02)
13	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
5	13.226.132.202 13.226.132.202	16509 (AMAZON-02) (AMAZON-02)
2	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.226.147.71 13.226.147.71	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1 3	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
2	13.224.193.4 13.224.193.4	16509 (AMAZON-02) (AMAZON-02)
2 4	91.228.74.134 91.228.74.134	16509 (AMAZON-02) (AMAZON-02)
1 3	13.226.145.101 13.226.145.101	16509 (AMAZON-02) (AMAZON-02)
2	209.197.3.16 209.197.3.16	20446 (HIGHWINDS3) (HIGHWINDS3)
1	35.227.203.93 35.227.203.93	15169 (GOOGLE) (GOOGLE)
1	18.134.72.135 18.134.72.135	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:e600:10:618e:d880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.96.74.203 34.96.74.203	15169 (GOOGLE) (GOOGLE)
31	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:b400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
22	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	213.19.162.51 213.19.162.51	26667 (RUBICONPR...) (RUBICONPROJECT)
1 6	54.77.47.243 54.77.47.243	16509 (AMAZON-02) (AMAZON-02)
12 24	185.33.223.178 185.33.223.178	29990 (ASN-APPNEX) (ASN-APPNEX)
18	134.209.131.220 134.209.131.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	52.22.60.34 52.22.60.34	14618 (AMAZON-AES) (AMAZON-AES)
1 17	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
4	18.157.108.214 18.157.108.214	16509 (AMAZON-02) (AMAZON-02)
5	151.101.13.194 151.101.13.194	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
9	13.224.193.19 13.224.193.19	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	3.21.254.38 3.21.254.38	16509 (AMAZON-02) (AMAZON-02)
15 19	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
7 10	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	78.46.23.46 78.46.23.46	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
9	13.226.145.44 13.226.145.44	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	18.196.230.57 18.196.230.57	16509 (AMAZON-02) (AMAZON-02)
1	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.194.193.174 18.194.193.174	16509 (AMAZON-02) (AMAZON-02)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	3.120.211.246 3.120.211.246	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4264:5c8e:cd57:8c3a:71f	14618 (AMAZON-AES) (AMAZON-AES)
1 5	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::ac43:453b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	88.99.65.215 88.99.65.215	24940 (HETZNER-AS) (HETZNER-AS)
1	18.185.206.154 18.185.206.154	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
6	13.224.193.116 13.224.193.116	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
1	52.217.42.174 52.217.42.174	16509 (AMAZON-02) (AMAZON-02)
3 3	167.172.1.14 167.172.1.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
10	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.17.119.107 104.17.119.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
5 6	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
3 6	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4 7	52.17.245.120 52.17.245.120	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2 18	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
1	173.231.180.197 173.231.180.197	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 2	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	38.27.122.101 38.27.122.101	174 (COGENT-174) (COGENT-174)
1 1	34.205.3.24 34.205.3.24	14618 (AMAZON-AES) (AMAZON-AES)
4 4	52.57.110.162 52.57.110.162	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
2 5	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	52.45.185.178 52.45.185.178	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.226.209.67 54.226.209.67	14618 (AMAZON-AES) (AMAZON-AES)
1 1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1 2	204.2.255.233 204.2.255.233	2914 (NTT-COMMU...) (NTT-COMMUNICATIONS-2914)
9 9	18.195.54.133 18.195.54.133	16509 (AMAZON-02) (AMAZON-02)
2 2	18.159.8.206 18.159.8.206	16509 (AMAZON-02) (AMAZON-02)
1	45.35.192.162 45.35.192.162	40676 (AS40676) (AS40676)
5	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
5 7	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 4	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1	67.202.110.24 67.202.110.24	32748 (STEADFAST) (STEADFAST)
4 14	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
4 5	51.89.21.10 51.89.21.10	16276 (OVH) (OVH)
2 2	18.185.190.29 18.185.190.29	16509 (AMAZON-02) (AMAZON-02)
4 4	51.75.15.61 51.75.15.61	16276 (OVH) (OVH)
2 2	34.253.111.115 34.253.111.115	16509 (AMAZON-02) (AMAZON-02)
1 1	146.0.227.107 146.0.227.107	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
2 2	23.111.200.118 23.111.200.118	7979 (SERVERS-COM) (SERVERS-COM)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 1	52.57.10.248 52.57.10.248	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	209.54.177.54 209.54.177.54	16509 (AMAZON-02) (AMAZON-02)
2 2	64.202.112.63 64.202.112.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	52.216.110.155 52.216.110.155	16509 (AMAZON-02) (AMAZON-02)
433	112

1 44.230.85.241 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-85-241.us-west-2.compute.amazonaws.com

cbsnews5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.226.145.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-126.dus51.r.cloudfront.net

www.newschannel5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 13.224.193.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-15.fra2.r.cloudfront.net

ewscripps.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:1800:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:5e00:9:4c16:5180:21 (United States)

ASN16509 (AMAZON-02, US)

d25dfknw9ghxs6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::ac43:d645 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-67.fra2.r.cloudfront.net

assets.scrippsdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:2c00:d:77c3:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2s8wlbatk24s7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

sejs.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.226.132.202 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-202.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.35.65 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.147.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-147-71.dus51.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.166 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net

4394967.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-4.fra2.r.cloudfront.net

api.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.228.74.134 (United Kingdom) 2 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.145.101 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-101.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.16 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x010.map2.ssl.hwcdn.net

cdn5.userzoom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.203.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.203.227.35.bc.googleusercontent.com

pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.134.72.135 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-72-135.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:e600:10:618e:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.74.203 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 203.74.96.34.bc.googleusercontent.com

api.pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:b400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.162.51 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.77.47.243 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 185.33.223.178 (Amsterdam, Netherlands) 12 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 134.209.131.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.22.60.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-60-34.compute-1.amazonaws.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

ewscripps-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gift-connect-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.157.108.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-108-214.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

includemodal.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clarium.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.224.193.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-19.fra2.r.cloudfront.net

yummy.consumable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.21.254.38 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-21-254-38.us-east-2.compute.amazonaws.com

includemodal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.184.194 (United States) 15 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.234.21 (Frankfurt am Main, Germany) 7 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.226.145.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-44.dus51.r.cloudfront.net

services.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

753091575b14af33e0d324c1154665d7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d65bbab191aba4fe3222b96830b5ac5a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.230.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.193.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-193-174.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.211.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-211-246.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:5c8e:cd57:8c3a:71f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

vtrdn-wjdav.ads.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.165 (Lingenfeld, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal90005.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:453b (United States)

ASN13335 (CLOUDFLARENET, US)

v.traileraddict.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.traileraddict.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.65.215 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.215.65.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.206.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-206-154.eu-central-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.193.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-116.fra2.r.cloudfront.net

stats-dev.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.42.174 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.172.1.14 (North Bergen, United States) 3 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

serverbid-sync.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.119.107 (United States)

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.132.241 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.4.28 (Denmark) 5 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.248.242.197 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.17.245.120 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-245-120.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: ams-delivery-4.sys.adgear.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.53 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.3.24 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-3-24.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.110.162 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-110-162.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1288:110:c305::8000 (Dublin, Ireland) 2 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.185.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-185-178.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.226.209.67 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-209-67.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.2.255.233 (United States) 1 redirects

ASN2914 (NTT-COMMUNICATIONS-2914, US)

pmp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.195.54.133 (Frankfurt am Main, Germany) 9 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-54-133.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.8.206 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-8-206.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.35.192.162 (United States)

ASN40676 (AS40676, US)

sync.resetdigital.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.227.252.103 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.39 (United States) 4 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.162.133.149 (Madrid, Spain)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.249 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.24 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-110.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 76.223.111.18 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.89.21.10 (London, United Kingdom) 4 redirects

ASN16276 (OVH, FR)
PTR: p24.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.190.29 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-190-29.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.75.15.61 (France) 4 redirects

ASN16276 (OVH, FR)

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.111.115 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.107 (Ascension Island) 1 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.200.118 (Russian Federation) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.10.248 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-10-248.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.177.54 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.63 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.216.110.155 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

traileraddict-converted-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	doubleclick.net 16 redirects 4394967.fls.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net	452 KB
36	googlesyndication.com pagead2.googlesyndication.com 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com tpc.googlesyndication.com 753091575b14af33e0d324c1154665d7.safeframe.googlesyndication.com d65bbab191aba4fe3222b96830b5ac5a.safeframe.googlesyndication.com	258 KB
33	adnxs.com 13 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	59 KB
28	pubmatic.com 2 redirects hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com simage2.pubmatic.com image4.pubmatic.com image2.pubmatic.com simage4.pubmatic.com	56 KB
25	rubiconproject.com 3 redirects ads.rubiconproject.com fastlane.rubiconproject.com prebid-a.rubiconproject.com prebid-server.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com secure-assets.rubiconproject.com	159 KB
24	openx.net 6 redirects ewscripps-d.openx.net gift-connect-d.openx.net u.openx.net eu-u.openx.net us-u.openx.net rtb.openx.net	5 KB
21	serverbid.com 3 redirects e.serverbid.com sync.serverbid.com	2 KB
19	brightspotcdn.com ewscripps.brightspotcdn.com	1 MB
15	brid.tv services.brid.tv p.brid.tv c.brid.tv stats-dev.brid.tv	257 KB
14	3lift.com tlx.3lift.com Failed eb2.3lift.com	6 KB
14	moatads.com sejs.moatads.com mb.moatads.com px.moatads.com z.moatads.com	282 KB
11	yahoo.com 4 redirects c2shb.ssp.yahoo.com pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	4 KB
11	google.com adservice.google.com www.google.com	3 KB
10	casalemedia.com 7 redirects dsum-sec.casalemedia.com as-sec.casalemedia.com ssum-sec.casalemedia.com	8 KB
9	bidswitch.net 9 redirects x.bidswitch.net	4 KB
9	consumable.com yummy.consumable.com	216 KB
9	googletagservices.com www.googletagservices.com	293 KB
9	amazon-adsystem.com 2 redirects c.amazon-adsystem.com s.amazon-adsystem.com	38 KB
8	google-analytics.com www.google-analytics.com	20 KB
7	bidr.io 4 redirects match.prod.bidr.io	3 KB
6	adsrvr.org 3 redirects match.adsrvr.org	2 KB
6	adform.net 5 redirects c1.adform.net	3 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net hal90005.redintelligence.net	9 KB
6	facebook.com www.facebook.com	569 B
6	gumgum.com 1 redirects g2.gumgum.com rtb.gumgum.com	4 KB
6	newschannel5.com www.newschannel5.com	451 KB
5	id5-sync.com 4 redirects id5-sync.com	7 KB
5	fastly.net includemodal.global.ssl.fastly.net clarium.global.ssl.fastly.net	114 KB
5	facebook.net connect.facebook.net	241 KB
5	typekit.net use.typekit.net p.typekit.net	88 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com	2 KB
4	lijit.com 4 redirects ap.lijit.com	2 KB
4	w55c.net 4 redirects pm.w55c.net	3 KB
4	mathtag.com 4 redirects sync.mathtag.com	2 KB
4	amazonaws.com s3.amazonaws.com traileraddict-converted-assets.s3.amazonaws.com	1 MB
4	gstatic.com fonts.gstatic.com csi.gstatic.com	23 KB
4	traileraddict.com v.traileraddict.com cdn.traileraddict.com	45 KB
4	sonobi.com apex.go.sonobi.com sync.go.sonobi.com	2 KB
4	googleapis.com fonts.googleapis.com imasdk.googleapis.com	308 KB
4	33across.com ssc.33across.com ssc-cms.33across.com	2 KB
4	quantserve.com 2 redirects secure.quantserve.com pixel.quantserve.com	10 KB
3	digitaloceanspaces.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com	15 KB
3	includemodal.com includemodal.com	397 B
3	google.be adservice.google.be	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	ewscloud.com api.ewscloud.com static.ewscloud.com	9 KB
3	fontawesome.com use.fontawesome.com	132 KB
3	cloudfront.net d25dfknw9ghxs6.cloudfront.net d2s8wlbatk24s7.cloudfront.net	63 KB
2	zemanta.com 2 redirects b1sync.zemanta.com	602 B
2	bing.com c.bing.com	714 B
2	betweendigital.com 2 redirects ads.betweendigital.com	1013 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	360yield.com 2 redirects ice.360yield.com	1006 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	mxptint.net 1 redirects pmp.mxptint.net	965 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	744 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	owneriq.net 1 redirects px.owneriq.net	476 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	advertising.com 1 redirects ads.adaptv.advertising.com pixel.advertising.com	544 B
2	pymx5.com pymx5.com api.pymx5.com	10 KB
2	userzoom.com cdn5.userzoom.com	13 KB
2	parsely.com cdn.parsely.com p1.parsely.com	24 KB
2	media.net contextual.media.net hblg.media.net	97 KB
2	scrippsdigital.com assets.scrippsdigital.com	21 KB
1	contextweb.com 1 redirects bh.contextweb.com	496 B
1	admixer.net 1 redirects inv-nets.admixer.net	555 B
1	resetdigital.co sync.resetdigital.co
1	sitescout.com 1 redirects pixel-sync.sitescout.com	337 B
1	ipredictive.com 1 redirects sync.ipredictive.com	522 B
1	adentifi.com rtb.adentifi.com	88 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	turn.com 1 redirects ad.turn.com	518 B
1	simpli.fi um.simpli.fi	609 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	652 B
1	bnmla.com match.bnmla.com	114 B
1	adgrx.com cm.adgrx.com	408 B
1	deepintent.com match.deepintent.com	44 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	535 B
1	criteo.com dis.criteo.com	338 B
1	brealtime.com biddr.brealtime.com	1 KB
1	2mdn.net s0.2mdn.net	17 KB
1	clarium.io protected-by.clarium.io	345 B
1	contentspread.net cdn.contentspread.net	38 KB
1	google.de adservice.google.de	165 B
1	tremorhub.com vtrdn-wjdav.ads.tremorhub.com	422 B
1	spotxchange.com search.spotxchange.com	1 KB
1	emxdgt.com hb.emxdgt.com	163 B
1	quantcount.com rules.quantcount.com	1 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
1	chartbeat.com static.chartbeat.com	10 KB
1	cbsnews5.com 1 redirects cbsnews5.com	245 B
0	digitru.st Failed prebid.digitru.st Failed
433	94

	Domain	Requested by
24	ib.adnxs.com	12 redirects d25dfknw9ghxs6.cloudfront.net googleads.g.doubleclick.net yummy.consumable.com acdn.adnxs.com eb2.3lift.com
21	securepubads.g.doubleclick.net	www.newschannel5.com securepubads.g.doubleclick.net d25dfknw9ghxs6.cloudfront.net www.googletagservices.com yummy.consumable.com imasdk.googleapis.com
19	cm.g.doubleclick.net	15 redirects googleads.g.doubleclick.net u.openx.net eb2.3lift.com
19	ewscripps.brightspotcdn.com	www.newschannel5.com
18	e.serverbid.com	d25dfknw9ghxs6.cloudfront.net yummy.consumable.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
17	pagead2.googlesyndication.com	securepubads.g.doubleclick.net d25dfknw9ghxs6.cloudfront.net 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com srcdoc www.googletagservices.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net clarium.global.ssl.fastly.net
14	eb2.3lift.com	4 redirects ads.rubiconproject.com eb2.3lift.com
12	simage2.pubmatic.com	1 redirects ads.pubmatic.com
10	eus.rubiconproject.com	yummy.consumable.com eus.rubiconproject.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com ads.rubiconproject.com
10	pubads.g.doubleclick.net
10	px.moatads.com	www.newschannel5.com
9	x.bidswitch.net	9 redirects
9	yummy.consumable.com	www.newschannel5.com yummy.consumable.com
9	www.googletagservices.com	securepubads.g.doubleclick.net 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com yummy.consumable.com clarium.global.ssl.fastly.net
8	eu-u.openx.net	u.openx.net ads.rubiconproject.com eu-u.openx.net
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.newschannel5.com d25dfknw9ghxs6.cloudfront.net
7	rtb.openx.net	5 redirects eu-u.openx.net
7	match.prod.bidr.io	4 redirects ads.pubmatic.com eu-u.openx.net
6	image2.pubmatic.com	1 redirects ads.pubmatic.com
6	match.adsrvr.org	3 redirects u.openx.net eb2.3lift.com
6	c1.adform.net	5 redirects ads.pubmatic.com
6	stats-dev.brid.tv
6	www.google.com	securepubads.g.doubleclick.net 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com tpc.googlesyndication.com clarium.global.ssl.fastly.net
6	www.facebook.com	www.newschannel5.com connect.facebook.net
6	www.newschannel5.com	www.newschannel5.com ewscripps.brightspotcdn.com
5	id5-sync.com	4 redirects
5	acdn.adnxs.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com ads.rubiconproject.com
5	pr-bh.ybp.yahoo.com	2 redirects ads.pubmatic.com eu-u.openx.net
5	ads.pubmatic.com	yummy.consumable.com ads.pubmatic.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
5	hal90005.redintelligence.net	1 redirects 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com hal90005.redintelligence.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	adservice.google.com	4394967.fls.doubleclick.net securepubads.g.doubleclick.net imasdk.googleapis.com
5	stats.g.doubleclick.net	d25dfknw9ghxs6.cloudfront.net
5	connect.facebook.net	www.newschannel5.com connect.facebook.net
5	c.amazon-adsystem.com	www.newschannel5.com d25dfknw9ghxs6.cloudfront.net
4	s.amazon-adsystem.com	2 redirects eb2.3lift.com
4	cookie-matching.mediarithmics.com	4 redirects
4	secure.adnxs.com	1 redirects acdn.adnxs.com
4	ap.lijit.com	4 redirects
4	ssum-sec.casalemedia.com	4 redirects
4	pm.w55c.net	4 redirects
4	token.rubiconproject.com	eus.rubiconproject.com
4	us-u.openx.net	u.openx.net eu-u.openx.net
4	sync.mathtag.com	4 redirects
4	p.brid.tv	services.brid.tv
4	services.brid.tv	yummy.consumable.com services.brid.tv
4	prebid-a.rubiconproject.com	d25dfknw9ghxs6.cloudfront.net
4	use.typekit.net	www.newschannel5.com use.typekit.net
3	traileraddict-converted-assets.s3.amazonaws.com	p.brid.tv
3	sync.go.sonobi.com	serverbid-sync.nyc3.cdn.digitaloceanspaces.com
3	secure-assets.rubiconproject.com	3 redirects
3	rtb.gumgum.com	1 redirects ads.rubiconproject.com
3	ups.analytics.yahoo.com	2 redirects serverbid-sync.nyc3.cdn.digitaloceanspaces.com
3	serverbid-sync.nyc3.cdn.digitaloceanspaces.com	yummy.consumable.com ads.rubiconproject.com
3	sync.serverbid.com	3 redirects
3	csi.gstatic.com	imasdk.googleapis.com
3	cdn.traileraddict.com	yummy.consumable.com
3	includemodal.com	www.newschannel5.com 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
3	includemodal.global.ssl.fastly.net	securepubads.g.doubleclick.net 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
3	adservice.google.be	securepubads.g.doubleclick.net imasdk.googleapis.com
3	c2shb.ssp.yahoo.com	d25dfknw9ghxs6.cloudfront.net
3	ssc.33across.com	d25dfknw9ghxs6.cloudfront.net
3	g2.gumgum.com	d25dfknw9ghxs6.cloudfront.net
3	pixel.quantserve.com	2 redirects www.newschannel5.com
3	sb.scorecardresearch.com	1 redirects www.newschannel5.com
3	4394967.fls.doubleclick.net	1 redirects www.googletagmanager.com www.newschannel5.com
3	use.fontawesome.com	www.newschannel5.com use.fontawesome.com
2	b1sync.zemanta.com	2 redirects
2	c.bing.com	eb2.3lift.com
2	ads.betweendigital.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	ice.360yield.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	pmp.mxptint.net	1 redirects ads.pubmatic.com
2	sync-tm.everesttech.net	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	px.owneriq.net	1 redirects ads.pubmatic.com
2	sync.1rx.io	2 redirects
2	u.openx.net	1 redirects yummy.consumable.com
2	imasdk.googleapis.com	services.brid.tv imasdk.googleapis.com
2	clarium.global.ssl.fastly.net	www.newschannel5.com
2	fonts.googleapis.com	yummy.consumable.com c.brid.tv
2	googleads.g.doubleclick.net	247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com www.newschannel5.com
2	z.moatads.com	securepubads.g.doubleclick.net
2	247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ewscripps-d.openx.net	d25dfknw9ghxs6.cloudfront.net
2	fastlane.rubiconproject.com	d25dfknw9ghxs6.cloudfront.net
2	cdn5.userzoom.com	www.newschannel5.com cdn5.userzoom.com
2	api.ewscloud.com	ewscripps.brightspotcdn.com
2	d2s8wlbatk24s7.cloudfront.net	d25dfknw9ghxs6.cloudfront.net includemodal.global.ssl.fastly.net
2	assets.scrippsdigital.com	www.newschannel5.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	pixel.advertising.com	1 redirects
1	bh.contextweb.com	1 redirects
1	inv-nets.admixer.net	1 redirects
1	ssc-cms.33across.com	ads.rubiconproject.com
1	sync.resetdigital.co	ads.pubmatic.com
1	pixel-sync.sitescout.com	1 redirects
1	sync.ipredictive.com	1 redirects
1	rtb.adentifi.com	ads.pubmatic.com
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	idsync.rlcdn.com	ads.pubmatic.com
1	sync.srv.stackadapt.com	1 redirects
1	match.bnmla.com	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	cm.adgrx.com	ads.pubmatic.com
1	match.deepintent.com	ads.pubmatic.com
1	sync.targeting.unrulymedia.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	biddr.brealtime.com	yummy.consumable.com
1	s3.amazonaws.com
1	s0.2mdn.net	imasdk.googleapis.com
1	fonts.gstatic.com	fonts.googleapis.com
1	c.brid.tv	services.brid.tv
1	protected-by.clarium.io	www.newschannel5.com
1	cdn.contentspread.net	hal90005.redintelligence.net
1	v.traileraddict.com	yummy.consumable.com
1	d65bbab191aba4fe3222b96830b5ac5a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	vtrdn-wjdav.ads.tremorhub.com	yummy.consumable.com
1	ads.adaptv.advertising.com	yummy.consumable.com
1	apex.go.sonobi.com	yummy.consumable.com
1	prebid-server.rubiconproject.com	yummy.consumable.com
1	as-sec.casalemedia.com	yummy.consumable.com
1	hbopenbid.pubmatic.com	yummy.consumable.com
1	search.spotxchange.com	yummy.consumable.com
1	gift-connect-d.openx.net	yummy.consumable.com
1	hb.emxdgt.com	yummy.consumable.com
1	753091575b14af33e0d324c1154665d7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	hal9000.redintelligence.net	247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
1	p1.parsely.com	www.newschannel5.com
1	rules.quantcount.com	secure.quantserve.com
1	hblg.media.net	www.newschannel5.com
1	api.pymx5.com	pymx5.com
1	static.ewscloud.com	www.newschannel5.com
1	mb.moatads.com	sejs.moatads.com
1	pymx5.com	www.googletagmanager.com
1	secure.quantserve.com	www.newschannel5.com
1	cdn.parsely.com	www.newschannel5.com
1	p.typekit.net	use.typekit.net
1	ads.rubiconproject.com	www.newschannel5.com
1	contextual.media.net	www.newschannel5.com
1	sejs.moatads.com	www.newschannel5.com
1	www.googletagmanager.com	www.newschannel5.com
1	d25dfknw9ghxs6.cloudfront.net	www.newschannel5.com
1	static.chartbeat.com	www.newschannel5.com
1	cbsnews5.com	1 redirects
0	prebid.digitru.st Failed	yummy.consumable.com
0	tlx.3lift.com Failed	d25dfknw9ghxs6.cloudfront.net
433	154

This site contains links to these domains. Also see Links.

Domain
scripps.wd5.myworkdayjobs.com
www.dontwasteyourmoney.com
support.newschannel5.com
assets.scrippsdigital.com
scripps.com
publicfiles.fcc.gov
www.facebook.com
www.instagram.com
www.pinterest.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
*.scrippsnationalnews.com Amazon	`2021-02-05` - `2022-03-06`	a year	crt.sh
ewscripps.brightspotcdn.com Amazon	`2021-05-30` - `2022-06-28`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-03` - `2021-11-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.scrippsdigital.com Amazon	`2020-09-04` - `2021-10-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-16` - `2022-07-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
manager.userzoom.com DigiCert SHA2 Extended Validation Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.ewscloud.com DigiCert SHA2 Secure Server CA	`2019-08-02` - `2021-10-13`	2 years	crt.sh
*.pymx5.com Go Daddy Secure Certificate Authority - G2	`2020-09-10` - `2021-10-12`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
e.serverbid.com R3	`2021-06-01` - `2021-08-30`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-18` - `2021-09-08`	6 months	crt.sh
*.google.be GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.consumable.com Amazon	`2020-09-23` - `2021-10-25`	a year	crt.sh
includemodal.com Amazon	`2020-11-15` - `2021-12-14`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
redintelligence.net R3	`2021-06-21` - `2021-09-19`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
brid.tv Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
contentspread.net R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2020-04-03` - `2022-04-26`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-30`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2020-01-22` - `2022-03-22`	2 years	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
adentifi.com Amazon	`2020-10-02` - `2021-11-02`	a year	crt.sh
*.mxptint.net DigiCert TLS RSA SHA256 2020 CA1	`2021-06-29` - `2022-07-07`	a year	crt.sh
sync.resetdigital.co R3	`2021-06-28` - `2021-09-26`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.id5-sync.com R3	`2021-07-13` - `2021-10-11`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh

This page contains 59 frames:

Primary Page: https://www.newschannel5.com/
Frame ID: C15F0F7B500E7739242E55743B6B7990
Requests: 132 HTTP requests in this frame

Frame: https://4394967.fls.doubleclick.net/activityi;dc_pre=CL_jvMfD9_ECFa0C0wodTAkONg;src=4394967;type=wtvf;cat=pc_tt0;ord=3095826276192;gtm=2wg7l1;auiddc=553008016.1626986106;u1=Homepage;u2=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home;ps=1;~oref=https%3A%2F%2Fwww.newschannel5.com%2F
Frame ID: E459CC0FA89D9D59311FCDD962874F33
Requests: 2 HTTP requests in this frame

Frame: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0BE95926E4F3ADA3BB1849F4DEBE2E5E
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Frame ID: 5C259118246B0D017D9364166D775364
Requests: 9 HTTP requests in this frame

Frame: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AEB02726FAE6CE0590EE969DECDE1175
Requests: 17 HTTP requests in this frame

Frame: https://includemodal.global.ssl.fastly.net/pw.js
Frame ID: ED64E86E1FA1152A074D0D922DB964C6
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNXNdMPG1Lyh8lS8tS1llqxdMegBwU4sGs_g_FyfnSs1Wuc9390iPhzOVoXSqR9XCV0oCn5aQjDi4f67EGgncGYu4OJlysUBbo9oaObXZAM0PoBlaDS6d8BvhV-jki_m7rUeJ0XZ32D7Dld8HvpzrwpcABVKyo0aZffE_5l1yoRWmqvUsrE
Frame ID: 1BB719CCEF539079FFA9FC249664E954
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3769E1251E665A31CC6685E7A65FDE0B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 773228F93FE9EF19DD39F38003CBE0D8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E32F50DF3140F78969FEF2F356A1095F
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800
Frame ID: 80BADA2AC225B6A8C7CD1B1C3F40BA6E
Requests: 57 HTTP requests in this frame

Frame: https://753091575b14af33e0d324c1154665d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 4F4C5F22CF93E217C678CC95D0CFD0E7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnZ_7KA4ZhMnpmk521yXqAEawEQ1ppHrhE5pZrYud5Egbx-jG94w8ayU_KbAyMsuVpdjIYQMhpcpJCz3zLJfxkpMEczPW9vhjIMRL244VuCH3SdIrSZo-WCTMhiipci7u6GMoO1LkjvAylqu6UJT3Ms3DLnnprwr0QLWddHTavvydbRRw8QaOCNyn_SrjBzV4-NfMqOmG0VVJSBU8JKr6io_JXpZ85l3xYY9doKtxiNl_CTcESi3V6gFTd4RbmnrpOuCXzDEYEIxbgfKfBx8nlJsV48-r0-qt2CA2gy1oABohOBbEGwlDfBv1yxtUExk9xwnwFOyFU8BXDcYLIgoRq_GzfY056H4G75REXo_q-BlT1FNzS363CaqxvXGn9JlE2i0_L-nlIOemF&sai=AMfl-YRKGmfYS2-duRy64VmdDolcdrcpnTapRMNYk3q07inqJYaS1-nizV9I-CHTcQQ0xeQ8O3CUU3f88gA7zFHxMal_mindQxjv_jHS6tUT0siCYVk_9cCaGzQTcrdRmVY&sig=Cg0ArKJSzMZKjwAzcNAXEAE&urlfix=1&adurl=
Frame ID: 964212DA5D235846BBDA30E5D8A1B9A0
Requests: 5 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 78101A9C57A65E7CE38C4C1FB8402158
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1EE3420C9247FE010B9598717E61C425
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6B449B644D0DFB05C8C3B91E1BD1287B
Requests: 1 HTTP requests in this frame

Frame: https://d65bbab191aba4fe3222b96830b5ac5a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4
Frame ID: D702DE704E0859FCD632F030A06DDC4D
Requests: 1 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=80012300171879700628834011663005&a=279a9418
Frame ID: 7607A8D66C36EF50A6C1C5400340B62C
Requests: 5 HTTP requests in this frame

Frame: https://clarium.global.ssl.fastly.net/?wrapper=eqRbKpyrOjYJuvWuyCDxCBHWgtA&tpid=ZXFSYktweXJPallKdXZXdXlDRHhDQkhXZ3RBLzI4NjY4MDEzNDc6MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6IlpYRlNZa3R3ZVhKUGFsbEtkWFpYZFhsRFJIaERRa2hYWjNSQkx6STROalk0TURFek5EYzZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODY2ODAxMzQ3LCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Frame ID: B5CEE789B028BB89DB417899F830477F
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 693DE0198B7B79B58D9AAC417D54CE76
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5633DB3F274150397810D4D8C4D8A92B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Frame ID: D2F0C4DB680AD4BDB02762D3A6137052
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3B13CC3A4EEA7E8F7B6F7841E2337026
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Frame ID: BF7A504F54BFF78DB8DA6260F4F7F813
Requests: 8 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1
Frame ID: E6213A347BE0F9EFED56D032A982A6BF
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 605FEF0FCDE0BBD0893E0D48CF601C9F
Requests: 3 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 50FE421376899D630CD14B1AECA91DAF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0A375808B28823244511FA364DCB70F2
Requests: 26 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=37634BDC-85F3-40B5-A55A-23702C5E64EF
Frame ID: 5F68B8125C2BEB4D9193A08652B49AA4
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 2987E4BA41F9F8323ABEED2C495D4DA6
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 3B1C5597811AF0A0CB4007BAC2C0E6B0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-efbf2052-5817-496a-8c5a-f3d45fb05b73-003
Frame ID: A51B42D5FB6EA0F88DB4C2790D7C676C
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: E7EECFCD0E6AD1C0205E0214A62E12A4
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F4FCFDCA1B3AECC6B0504E8BF6CC3FCD
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=image%2Fgif
Frame ID: 5D54573D4BA3A0C2A39FC8029E0A567B
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: C8E6B12981B7941573F15DA32F9F8492
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 409F7811A8E6F3FF4AA94284E2E479D2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IWf420PTRdhrCzsTp7YIiE3zv_Q
Frame ID: 10AD0B084B7DB7B08AD98774718AB1C5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2QFvl9Sh1M6Fpw5&gdpr=0&gdpr_consent=
Frame ID: 0D0A89215063A469968EC63AFC25457C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 239ACC3B0E347CEB13104550CCAC58E2
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Frame ID: AC29EC7F8CFC3B0E8F39BDABE0491931
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 35A75E18458D135A6A30A218C5B23557
Requests: 2 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Frame ID: BF908CCAA877E41BB82F171A4DCCDEC6
Requests: 8 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d6zqeAByqr67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Frame ID: AEF81A4C858E0E53C1AB78CDE12BE8EA
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 16836FE1A60C7D160F79C030F215E735
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Frame ID: EAAABB3029E5F11A48EA03B497E38E99
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 471B082B43C07850580C42CF2021FD9C
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FCF64326D2CA2919310EE20128142428
Requests: 3 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Frame ID: 80BA72719C3BF1047334C627E911848F
Requests: 8 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=c0f260f9-d681-4f00-80e2-2355ed0e98c3&gdpr=1&gdpr_consent=
Frame ID: 7394238482BB886705FD9ED975542E07
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1B787A3102441864E83A05F3CAA15F36
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: BE78F7726F8BCDCAC8DAB809990BB1E6
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Frame ID: AF44987DF3FE15C9D2D85CBFEF36A1EC
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 5AEF7CAFCB610591FB06EAEA058E74C6
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Frame ID: ED012D3C7BB8FA1DCB23D7D05290F713
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 9AD961E4F4BBE37DD0F43CA1F327E428
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Frame ID: 6FB364D86EE2DB328537E5C40DDB9977
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Frame ID: C2D86180BA99B5382DB27D37039A0C72
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 47E5E149ECA08334CFC42E81A16EBE6C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://cbsnews5.com/ HTTP 307
https://www.newschannel5.com/ Page URL

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Apache Tomcat (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Apache-Coyote(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

433
Requests

98 %
HTTPS

27 %
IPv6

94
Domains

154
Subdomains

112
IPs

11
Countries

6065 kB
Transfer

13140 kB
Size

1
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://scripps.wd5.myworkdayjobs.com/Scripps_Careers
Title: Careers Search

Search URL Search Domain Scan URL

URL: https://www.dontwasteyourmoney.com/
Title: Don't Waste Your Money

Search URL Search Domain Scan URL

URL: http://support.newschannel5.com/support/home
Title: Support

Search URL Search Domain Scan URL

URL: https://assets.scrippsdigital.com/docs/journalism-ethics-guidelines.pdf
Title: Journalism Ethics Guidelines

Search URL Search Domain Scan URL

URL: https://scripps.com/careers/find-a-job/
Title: Careers

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/wtvf
Title: FCC Public File

Search URL Search Domain Scan URL

URL: https://www.facebook.com/newschannel5
Title: newschannel5

Search URL Search Domain Scan URL

URL: https://www.instagram.com/newschannel5/
Title: newschannel5

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/newschannel5/
Title: newschannel5/

Search URL Search Domain Scan URL

URL: https://twitter.com/nc5
Title: nc5

Search URL Search Domain Scan URL

URL: https://www.youtube.com/newschannel5
Title: newschannel5

Search URL Search Domain Scan URL

URL: https://scripps.com/our-brands/local-media/
Title: Scripps Local Media

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cbsnews5.com/ HTTP 307
https://www.newschannel5.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://4394967.fls.doubleclick.net/activityi;src=4394967;type=wtvf;cat=pc_tt0;ord=3095826276192;gtm=2wg7l1;auiddc=553008016.1626986106;u1=Homepage;u2=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home;ps=1;~oref=https%3A%2F%2Fwww.newschannel5.com%2F HTTP 302
https://4394967.fls.doubleclick.net/activityi;dc_pre=CL_jvMfD9_ECFa0C0wodTAkONg;src=4394967;type=wtvf;cat=pc_tt0;ord=3095826276192;gtm=2wg7l1;auiddc=553008016.1626986106;u1=Homepage;u2=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home;ps=1;~oref=https%3A%2F%2Fwww.newschannel5.com%2F

Request Chain 62

https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1626986106671&ns_c=UTF-8&cv=3.5&c8=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home&c7=https%3A%2F%2Fwww.newschannel5.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1626986106671&ns_c=UTF-8&cv=3.5&c8=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home&c7=https%3A%2F%2Fwww.newschannel5.com%2F&c9=

Request Chain 156

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHwXfk7bPoT-ViP1usPcGeM&google_cver=1

Request Chain 157

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPnWffjI-0-BuMUFOiiy6gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpWpxwJbbpkaNTqzi3awDg&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpWpxwJbbpkaNTqzi3awDg&google_cver=1&C=1

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGVt0THsrn_DCAr_yvOBdrc&google_cver=1

Request Chain 159

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI3MDAwNDY5MDM3ODkxMzg1NQ%3D%3D

Request Chain 210

https://hal90005.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=f52b7ef704&subid=&uid=50ed94a03fd034f5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCosm6fNb5YOayMIvE-gauwL3gA7v6hIpXn8Oo5tEK8C4QASDmlIUYYLn4x4DcAcgBCakCBWVFw1PHsz6oAwGqBPMBT9CQDF_zGqWAcBRuOG27XsHwGT81W6DhxomKgEta0vO_UEoU8YQlCsqkMrDH0VYEwTJehVkUY6UpuvQxV3MTf1ACS2KX_5DMDNaxH0KwJi_hXPzJx1O4GYWJ6in7dX1-eHfjDamoIUyECKxMOy80sfgDDu_zHQWgz6_ht-7RwAH0FEzdn9YmIDouwF5ErEScqufnB9elQTop30mjrBYSQpdIVF-zbLaAjp2VLSq5snsIqfR2XMl5kfaK2wRdeUvk9djXQ8-qQyNm7q8MiGmwJi15YASLVospT6O9ZOFeXzxor1HKiHRHJi5LS8kt4n9u5pt9wASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoo5DoZlpqbwYlWE2h_5DVvLXa1w%26sig%3DAOD64_3r2puR48aMfz_dYB6uILjo7-37aQ%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-B1wlKu4K8RsE5HTGEBXjD0XCsk_G60_MLihXXLvdWmfdcImT6pZNXLNePjtXa0hNDBanbR_mKo0afCH6ODaBcFxs0QuxWYq6cV-4NyOXHV2xK8H6M_ZniKBiN8MX1Y0ci90BGsPole56DDJ5yRQFhHrLgzvA%26cry%3D1%26dbm_d%3DAKAmf-AtYMF7ndKhvfJez_H_62A9_ECZbLMmFHe46Xd6JAU3h6E6VkT5m_-_ubJ1iCJUFvM3MnBmuM6_fME8BpQgnr1vSZFu30GWMGtcwasir4rcbg--0bNx-2ms3F0JpFs1KisYjSZSMWeZU0R7ZysSVn-n5hGzvqd-ZlbOVhre2CfxrUK-Z0hAVH12qjU9UmoCDVCemzp1-eNjt6wjL3M43v-2FqCWIJp0RmmHUWFGlk0_Nkj9x7Yjpg3US4xFtZQubvWNmMKIrBvg16yt4RAxIO3AR77kCXpYrsB_-t30o6E6zbGNM3DVaiPgWm3HsAff2z3mL6le54SjmnAC5TxoXTaclraNKcBxeXCmPP4ORYrhU1yyCjrCc5Y2ikqIMwxiqCjvH18lBgLqgtHjkJvedMeYLmepvm5DE3KDvIKdzSnmEMycwDpd2Dl0tmUxG3vjNVwJHu5h%26adurl%3D&documentReferer=https%3A%2F%2Fwww.newschannel5.com%2F&ancestorOrigins=https%3A%2F%2Fwww.newschannel5.com&random=7514093424559&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90005.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=f52b7ef704&subid=&uid=50ed94a03fd034f5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCosm6fNb5YOayMIvE-gauwL3gA7v6hIpXn8Oo5tEK8C4QASDmlIUYYLn4x4DcAcgBCakCBWVFw1PHsz6oAwGqBPMBT9CQDF_zGqWAcBRuOG27XsHwGT81W6DhxomKgEta0vO_UEoU8YQlCsqkMrDH0VYEwTJehVkUY6UpuvQxV3MTf1ACS2KX_5DMDNaxH0KwJi_hXPzJx1O4GYWJ6in7dX1-eHfjDamoIUyECKxMOy80sfgDDu_zHQWgz6_ht-7RwAH0FEzdn9YmIDouwF5ErEScqufnB9elQTop30mjrBYSQpdIVF-zbLaAjp2VLSq5snsIqfR2XMl5kfaK2wRdeUvk9djXQ8-qQyNm7q8MiGmwJi15YASLVospT6O9ZOFeXzxor1HKiHRHJi5LS8kt4n9u5pt9wASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoo5DoZlpqbwYlWE2h_5DVvLXa1w%26sig%3DAOD64_3r2puR48aMfz_dYB6uILjo7-37aQ%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-B1wlKu4K8RsE5HTGEBXjD0XCsk_G60_MLihXXLvdWmfdcImT6pZNXLNePjtXa0hNDBanbR_mKo0afCH6ODaBcFxs0QuxWYq6cV-4NyOXHV2xK8H6M_ZniKBiN8MX1Y0ci90BGsPole56DDJ5yRQFhHrLgzvA%26cry%3D1%26dbm_d%3DAKAmf-AtYMF7ndKhvfJez_H_62A9_ECZbLMmFHe46Xd6JAU3h6E6VkT5m_-_ubJ1iCJUFvM3MnBmuM6_fME8BpQgnr1vSZFu30GWMGtcwasir4rcbg--0bNx-2ms3F0JpFs1KisYjSZSMWeZU0R7ZysSVn-n5hGzvqd-ZlbOVhre2CfxrUK-Z0hAVH12qjU9UmoCDVCemzp1-eNjt6wjL3M43v-2FqCWIJp0RmmHUWFGlk0_Nkj9x7Yjpg3US4xFtZQubvWNmMKIrBvg16yt4RAxIO3AR77kCXpYrsB_-t30o6E6zbGNM3DVaiPgWm3HsAff2z3mL6le54SjmnAC5TxoXTaclraNKcBxeXCmPP4ORYrhU1yyCjrCc5Y2ikqIMwxiqCjvH18lBgLqgtHjkJvedMeYLmepvm5DE3KDvIKdzSnmEMycwDpd2Dl0tmUxG3vjNVwJHu5h%26adurl%3D&documentReferer=https%3A%2F%2Fwww.newschannel5.com%2F&ancestorOrigins=https%3A%2F%2Fwww.newschannel5.com&random=7514093424559&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 284

https://sync.serverbid.com/ss/2000248.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Request Chain 285

https://u.openx.net/w/1.0/pd HTTP 302
https://u.openx.net/w/1.0/pd?cc=1

Request Chain 289

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c0f260f9-d681-4f00-80e2-2355ed0e98c3

Request Chain 290

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=J9M0rHXVaqQ8gDOsdYV_8HDWYaQ81zSlc9PJ2lhL

Request Chain 291

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4864547998687448043

Request Chain 293

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjU1MTk5YzItMGYxNy0yNjFiLWQxOGEtNDQ4NTYxMGRmNWNh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjU1MTk5YzItMGYxNy0yNjFiLWQxOGEtNDQ4NTYxMGRmNWNh&google_tc=

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENeiFcNE_41PnRR9HFZ_V8A&google_cver=1

Request Chain 298

https://c1.adform.net/serving/cookie/match?party=14&cid=37634BDC-85F3-40B5-A55A-23702C5E64EF HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=37634BDC-85F3-40B5-A55A-23702C5E64EF

Request Chain 299

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBRXBVN0I4NjBBQUY1ajk4MlJpdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 301

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6205364629 HTTP 302
https://sync.1rx.io/usersync/tradedesk/9f3a9903-3a62-4f51-b214-f743430ace4a HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-efbf2052-5817-496a-8c5a-f3d45fb05b73-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-efbf2052-5817-496a-8c5a-f3d45fb05b73-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-efbf2052-5817-496a-8c5a-f3d45fb05b73-003

Request Chain 304

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 305

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 307

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IWf420PTRdhrCzsTp7YIiE3zv_Q

Request Chain 308

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2QFvl9Sh1M6Fpw5&gdpr=0&gdpr_consent=

Request Chain 309

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=N2NL3IXzQLWlWiNwLF5k7w%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 311

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c0f260f9-d681-4f00-80e2-2355ed0e98c3

Request Chain 312

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzc2MzRCREMtODVGMy00MEI1LUE1NUEtMjM3MDJDNUU2NEVG&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 313

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOIxSE_MO0F6-n1eT04tLOU&google_cver=1

Request Chain 315

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3477478560383924954&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 316

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YPnWggADATn9YAAC HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPnWggADATn9YAAC&gdpr=0&gdpr_consent=&_test=YPnWggADATn9YAAC

Request Chain 317

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9f3a9903-3a62-4f51-b214-f743430ace4a

Request Chain 318

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&gdpr=0&gdpr_consent=

Request Chain 320

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=37634BDC-85F3-40B5-A55A-23702C5E64EF&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=37634BDC-85F3-40B5-A55A-23702C5E64EF&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-QR9JFzxE2uULZFUctCOjpu9HBCUDni8-~A&gdpr=0&gdpr_consent=

Request Chain 321

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=911211800664970267&gdpr=0&gdpr_consent=

Request Chain 324

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=545f1d4b-eb2c-11eb-a6b2-63bb64799dee&gdpr=0&gdpr_consent=

Request Chain 325

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UmMSqgBlTKJJMBWqADVZ9gVmR6JJZxKjBmP9xIAf

Request Chain 326

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 327

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B332_E0A2A692_CC4F0505&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
https://pmp.mxptint.net/sn.ashx?ak=1

Request Chain 328

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=7794e52c-90cd-45bb-81c4-ee1920df7bd6 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=7794e52c-90cd-45bb-81c4-ee1920df7bd6 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=803a0c18-3488-4b94-b52d-16c5c09808c2&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7794e52c-90cd-45bb-81c4-ee1920df7bd6&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 329

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_3c1cb202-dce1-4e65-bcd9-b084e3a76081

Request Chain 330

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3748493476250715673

Request Chain 332

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

Request Chain 335

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=70e0c5c7-7fff-4b56-afe6-de292ab4f927

Request Chain 336

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=911211800664970267

Request Chain 337

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP5165b390-eb2c-11eb-9e2a-06d1429e0b9a

Request Chain 338

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YPnWgphzBhKbJOOvKG.B3QAA%261174

Request Chain 339

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true HTTP 307
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=b56f2277d350a08c1b650f26

Request Chain 345

https://sync.serverbid.com/ss/2000248.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Request Chain 347

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 351

https://sync.serverbid.com/ss/2000248.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Request Chain 352

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://rtb.gumgum.com/usersync?b=mmh&i=c0f260f9-d681-4f00-80e2-2355ed0e98c3&gdpr=1&gdpr_consent=

Request Chain 354

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 356

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5u-gp1nljdBe3lTFt6eScr1pc_FYb_qQnsBOQg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5u-gp1nljdBe3lTFt6eScr1pc_FYb_qQnsBOQg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/441/124/8/2.gif?puid=dd47e952-99e4-4202-a062-2a40b3bf7282&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEJ3xITscgsGq_PeAbpoN38g&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEJ3xITscgsGq_PeAbpoN38g&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=911211800664970267&opid=apx&ops=&utidl=tech:goo:CAESEJ3xITscgsGq_PeAbpoN38g&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A19261398357&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/441/19/6/4.gif?puid=da65dced30afb5db3540881962de07ac&gdpr=1&gdpr_consent=

Request Chain 357

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://rtb.gumgum.com/usersync?b=apn&i=911211800664970267

Request Chain 358

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=lmjANG_mwZEiHlKLePYBEA==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 360

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=2QFvl9Sh1M6Fpw5

Request Chain 361

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3D7794e52c-90cd-45bb-81c4-ee1920df7bd6%26gdpr%3D%26consent%3D%26gdpr_pd%3D HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=75f85cf1a8554daa859c1ceffe05ce68&ssp=openx&bsw_param=7794e52c-90cd-45bb-81c4-ee1920df7bd6&gdpr=&consent=&gdpr_pd= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=7794e52c-90cd-45bb-81c4-ee1920df7bd6

Request Chain 362

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=911211800664970267

Request Chain 363

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAEpU7B860AAF5j982Riw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 366

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=lmjANG_mwZEiHlKLePYBEA==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 368

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=2QFvl9Sh1M6Fpw5

Request Chain 369

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dopenx%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dopenx%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=27bea86f-2ab1-51cb-8996-f688e96f200c&ssp=openx&expires=30&user_group=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=7794e52c-90cd-45bb-81c4-ee1920df7bd6

Request Chain 370

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=911211800664970267

Request Chain 371

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAEpU7B860AAF5j982Riw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=1&ev=AAAEpU7B860AAF5j982Riw&pid=558502&do=add

Request Chain 373

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP5165b390-eb2c-11eb-9e2a-06d1429e0b9a

Request Chain 374

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YPnWgphzBhKbJOOvKG.B3QAA%261174

Request Chain 375

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

Request Chain 378

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=70e0c5c7-7fff-4b56-afe6-de292ab4f927

Request Chain 379

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=911211800664970267

Request Chain 380

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=b56f2277d350a08c1b650f26

Request Chain 384

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO2ORj6BAxENyQs4yTI67n4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 385

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODM0MzY5MzYwMjY3MzA3ODQ0Nw%3D%3D

Request Chain 387

https://pr-bh.ybp.yahoo.com/sync/triplelift/8343693602673078447?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-cZlG7NFE2oQXBLoP4WbPhYq97d550npRi21pHbR6eQ--~A&dongle=0883

Request Chain 388

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=911211800664970267&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 389

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=8343693602673078447 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=8343693602673078447&dcc=t

Request Chain 390

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 394

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO2ORj6BAxENyQs4yTI67n4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 395

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODM0MzY5MzYwMjY3MzA3ODQ0Nw%3D%3D

Request Chain 397

https://pr-bh.ybp.yahoo.com/sync/triplelift/8343693602673078447?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-cZlG7NFE2oQXBLoP4WbPhYq97d550npRi21pHbR6eQ--~A&dongle=0883

Request Chain 398

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=911211800664970267&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 399

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=8343693602673078447 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=8343693602673078447&dcc=t

Request Chain 400

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 403

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=70e0c5c7-7fff-4b56-afe6-de292ab4f927

Request Chain 404

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=911211800664970267

Request Chain 405

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP5165b390-eb2c-11eb-9e2a-06d1429e0b9a

Request Chain 406

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YPnWgphzBhKbJOOvKG.B3QAA%261174

Request Chain 407

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID HTTP 307
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=b56f2277d350a08c1b650f26

Request Chain 409

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

433 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.newschannel5.com/
Redirect Chain

http://cbsnews5.com/
https://www.newschannel5.com/

340 KB
76 KB

107ms
48ms

Document
text/html

13.226.145.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-126.dus51.r.cloudfront.net
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: f7e158e0c0be778d1ea45d3c416e12494fb13c085d93e855c8af4d35e65f1730

Request headers

Host: www.newschannel5.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=240
Content-Encoding: gzip
Date: Thu, 22 Jul 2021 20:31:18 GMT
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=BCC1FAC79B20DAB9AF3F5AD7BBC9072C; Path=/; HttpOnly
X-Powered-By: Brightspot
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: jr5_zBJ9hlo6Xj9WTDtN2hAMacFQdq1e-BGViBrN2Ku4Gnf2dlnS-Q==
Age: 226

Redirect headers

Server: openresty
Date: Thu, 22 Jul 2021 20:35:05 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 168
Connection: keep-alive
Location: https://www.newschannel5.com
X-Frame-Options: sameorigin

GET
H/1.1 200
OK All.min.d24dd0c79936bb18919e9ffa2e40e06e.gz.css
ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/ 115 KB
21 KB 89ms
27ms Stylesheet
text/css 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.d24dd0c79936bb18919e9ffa2e40e06e.gz.css
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff74753c4fc2b91dda33e4656268727e261ffe843483731e1dd652451f0657be

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 15:25:39 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 13 Jul 2021 15:25:38 GMT
Server: AmazonS3
Age: 796167
ETag: "6ae0de3c1c51aceb2ae118ebbc85f0cf"
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 21404
X-Amz-Cf-Id: DtUjyqMiEdc6zjtx89-98vpO5XgvGMVhJxchAU3dz_C8p3ke3xdsMg==

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 100ms
28ms Script
application/x-javascript 2600:9000:2182:1800:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:1800:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8491e6705bdb33a52dce45f3e5299aab11aa555537f6a6e869e4a0bd9af3d7be

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 17:48:41 GMT
content-encoding: gzip
last-modified: Thu, 08 Jul 2021 15:47:37 GMT
server: nginx
age: 9985
etag: W/"60e71e19-5a0d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: h9ql1cHV7Nq7T0MIvgO1yQpNx40G-GPG8lnIG2objbYRcbf7HIApBA==
expires: Fri, 23 Jul 2021 17:48:41 GMT

GET
H2 200 scsp.js Show response
d25dfknw9ghxs6.cloudfront.net/ 134 KB
34 KB 53ms
21ms Script
application/javascript 2600:9000:2182:5e00:9:4c16:5180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:5e00:9:4c16:5180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f94366efc6314725e16b4002b1e6903913b1f6d9f5757aec611205dcd0db3596

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: D6d3wRZSpYd2caAk52T_Z3UgQuNzycNf
content-encoding: gzip
last-modified: Tue, 02 Feb 2021 20:14:21 GMT
server: AmazonS3
age: 68504
etag: W/"1315a3807c809bf51bb6f25ee163a270"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
date: Thu, 22 Jul 2021 02:08:59 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: PitIa4W6WeF_hOyT46SdhczXuLs_bPum6xLtThuohOKO8fBDZbfnhQ==

GET
H2 200 tsu4adm.css
use.typekit.net/ 18 KB
2 KB 32ms
7ms Stylesheet
text/css 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/tsu4adm.css

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

9592b27c145acee477908583cbdf62f5ce13238a120afaec8e6632e4678baccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 22 Jul 2021 20:35:05 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1697

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
11 KB 36ms
17ms Stylesheet
text/css 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Origin: https://www.newschannel5.com
Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:05 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1383860
access-control-allow-methods: GET
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: XQADTADW63Z714R8
x-amz-id-2: ZhrnnZJYfW2jAzpTvacmMd0h6W2KVpgsyO/9GTqJkE/kFYyp3u3zA5MVFYlfyVDYg7HUker6pCk=
last-modified: Wed, 30 Jun 2021 15:30:31 GMT
server: cloudflare
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2zBITtCLUrn6o%2BY5QKQ%2FMpLXfR0pEfRXu4dsO0QFWS5Iap3HsInURbgYnUcaMNhz8rD3b%2FzfzXbwJn%2FOM%2BUKHrFOtNxfgZC3WlAmxi%2Bb2l28v9aLUKCDlkJ6yQXAFO2i1lwRLAolVEXSvvSPt9yA0mU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 672f741a59d24e61-FRA

GET
H/1.1 200
OK square--144.png
assets.scrippsdigital.com/cms/images/color_schemes/wtvf/ 16 KB
17 KB 261ms
46ms Image
image/png 13.224.193.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.scrippsdigital.com/cms/images/color_schemes/wtvf/square--144.png
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-67.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7265b9247b2c56183309314ceaa246a37119c8fdd05ecac838f456c78685ace4

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: DdJHVn6o27llKVpb3CXd8MICj71cnLZq
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
Last-Modified: Wed, 24 Mar 2021 17:27:54 GMT
Server: AmazonS3
Age: 42166
ETag: "43b0894ed9bfa46a7be3dff09b921d19"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Thu, 22 Jul 2021 08:52:21 GMT
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 16744
X-Amz-Cf-Id: 31TQFCBS2zn47wGyV8CKhj2tRm7wtQZKWlBnOfGV4kMPIKV11-fj3A==

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/e684237/2147483647/strip/true/crop/600x200+0+0/resize/400x133!/quality/90/ 15 KB
15 KB 27ms
26ms Image
image/png 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/e684237/2147483647/strip/true/crop/600x200+0+0/resize/400x133!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fd4%2F8d%2F952387764e2e82d1e1b978d0aebd%2Fwtvf-geographic-locator-600x200.png
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 319750c290d5565742c47c2da4ef48c023fda39365fc58dec2be293d1510c400

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 00:48:44 GMT
Via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 4218382
ETag: 540a6760a1a34b923bfcc4c8b6624d49
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 14901
X-Amz-Cf-Id: -1-C7thvKEMrTVdTs3-zrgHjf3DnsRrwuJGCl63pNKqs_4P-UPq22g==
Expires: Sat, 04 Jun 2022 00:48:44 GMT

GET
H/1.1 200
OK Blank.gif
www.newschannel5.com/styleguide/assets/ 57 B
475 B 41ms
40ms Image
image/gif 13.226.145.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.newschannel5.com/styleguide/assets/Blank.gif
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-126.dus51.r.cloudfront.net
Software: Apache-Coyote/1.1 /
Resource Hash: e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.newschannel5.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.newschannel5.com/
Cookie: JSESSIONID=BCC1FAC79B20DAB9AF3F5AD7BBC9072C; _cb_ls=1
Connection: keep-alive
Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 08 Feb 2021 00:32:47 GMT
Via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache-Coyote/1.1
Age: 14241738
X-Cache: Hit from cloudfront
Content-Type: image/gif;charset=UTF-8
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: DUS51-C1
Content-Length: 57
X-Amz-Cf-Id: xQXHuFtn1YIAL0MCPZamtybdDVfB0JRyxPAcYhXJKRiBGdtepqaRJQ==

GET
H/1.1 200
OK logo-scripps.png
assets.scrippsdigital.com/cms/images/ 3 KB
4 KB 240ms
74ms Image
image/png 13.224.193.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-67.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Oct 2017 14:04:11 GMT
Server: AmazonS3
Age: 66179
ETag: "f46791d665054bf21da09492d448e1d2"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Date: Thu, 22 Jul 2021 11:56:04 GMT
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 3532
X-Amz-Cf-Id: kkVYzxi76Z9RtgZIU-PJOD5a6CAMNawhr6N36cyJHWxcpfA-AEqZ3A==

GET
H/1.1 200
OK All.min.16f3eda5f509cd80c92941c92c424b30.gz.js Show response
ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/ 427 KB
99 KB 34ms
31ms Script
text/javascript 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08fcdd6f9b764f048f0e87f97e3d752ad6be37290960cd8982d023f258daf343

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 15:25:39 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 13 Jul 2021 15:25:38 GMT
Server: AmazonS3
Age: 796168
ETag: "2803445d1e55d79c134cd282fb760c51"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 100987
X-Amz-Cf-Id: Q1UQUr93gDST_mvlNRpImlejfUvk_UeKnZnjkYHBXRIK86sdYtR4Rw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 130 KB
40 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N563SK

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

138ac841d8e56fe8eeca0f213f772a11af59f39a4e0837df13c90bc45eea8d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41152
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 19:26:04 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Jul 2021 20:35:06 GMT

GET
H2 200 ff983cd0-6c28-474c-9cc4-7a5281d11e05.js Show response
d2s8wlbatk24s7.cloudfront.net/service/js/ 42 KB
14 KB 32ms
7ms XHR
application/javascript 2600:9000:21f3:2c00:d:77c3:2dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s8wlbatk24s7.cloudfront.net/service/js/ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2c00:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5c2c05cdb42590baf236f817bf784791161a98d95a9ef74687a6f2e97e86b76b

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 18:41:44 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
age: 6802
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 14400
cache-control: public, max-age=14400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: *
x-amz-cf-id: CE5xVEgVIGzZdkRh_DuVL5vYBvyO7TPxIUshWm4j-wBj4NScQKHNeA==
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)

GET
H/1.1 200
OK yi.js Show response
sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/ 204 KB
72 KB 130ms
69ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5709f4e8f843e20ef20be4549b11939e817de1dcad742f00cd44bf5ba5c37f77

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:06 GMT
Content-Encoding: gzip
Server: AmazonS3
x-amz-request-id: 3TE8A0QZFA1KTXE7
ETag: "07f8d307499d2f7b5e601bff6e8d0f37"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=61250
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: AwiUVFdIn0Blk3qCYEvTSHtcrRZxj3qXe0A+msKAMuNLt7E4YIeha96F0UzXyRaVUb+uNrxI4Ao=

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 123 KB
33 KB 131ms
59ms Script
application/javascript 13.226.132.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-202.dus51.r.cloudfront.net
Software: Server /
Resource Hash: e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .85G8ztlJpKwIOzy6DApWWrDlx6XsDBF
content-encoding: gzip
server: Server
age: 462
etag: f8520ea4ebd91256d6b4f461d472242a
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Thu, 22 Jul 2021 20:27:24 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Wc8HOSBA-w_Co-sjpbJ2sPUS1unMqGd7UwP-ZvqPdeXees3eg0TA3w==

GET
H2 200 bidexchange.js Show response
contextual.media.net/ 408 KB
97 KB 651ms
588ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/bidexchange.js?cid=8CU6Q6626&dn=www.newschannel5.com&version=4.1&https=1

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

16bd8d6b119f00a645aa9f7a3be8c3da9a8aa7c9b7e9e7da557b551d8f5a73c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Thu, 22 Jul 2021 20:35:06 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Thu, 22 Jul 2021 21:05:06 GMT

GET
H/1.1 200
OK 5776_Scripps_Local_Stations.js Show response
ads.rubiconproject.com/prebid/ 523 KB
103 KB 76ms
26ms Script
text/javascript 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 48b5216fe1426bd23de932c0748a74a6354d48f2ab6d0eaba1057b8df68634c3

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Jul 2021 15:05:00 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=5246
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104582
Expires: Thu, 22 Jul 2021 22:02:32 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
162 B 20ms
6ms Stylesheet
text/css 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=15199297&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:06 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8210683ac1f39229377e357b231a4f0ec747c231d3e89c680b78bdfba760ef32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: pT2FLupAhIRU3geSHRGhcg==
cross-origin-resource-policy: cross-origin
expires: Thu, 22 Jul 2021 20:48:56 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: FXVseoMtggY9BHG65pjRm2f9PiE8x2ZjhsN1xMNpchJqPek+72bewBSv4wkehiA3ES8H1iguKBALP/o2ugCQdA==
x-fb-trip-id: 686109401
x-fb-content-md5: 1cacd83966e43e8c3817c72dbc5438af
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Thu, 22 Jul 2021 20:35:06 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "5a011a6662354cf7c172fb495b5fd213"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/a483e81/2147483647/strip/true/crop/900x506+0+0/resize/1280x720!/quality/90/ 94 KB
94 KB 101ms
54ms Image
image/jpeg 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/a483e81/2147483647/strip/true/crop/900x506+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F3e%2Fec%2F6c2c2d604f24a6d15c1df6266602%2Fforrestbustvote.jpg
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: a59f78e89357c7acfe9855deb46bedf165376caac77b78c5fa2f5a8e542c8df1

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 17:28:17 GMT
Via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 11209
ETag: 2a906dc74f146dbd79d905e3ae10dd60
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 96042
X-Amz-Cf-Id: qz0RQ5ayt0V0xszxdQTpW1H4-ULvoNIGp56-VlpSgSOMmPUyqAM3UA==
Expires: Fri, 22 Jul 2022 17:28:17 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/706605c/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/ 88 KB
88 KB 83ms
55ms Image
image/jpeg 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/706605c/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fc8%2F6e%2F233b59b24a10a1bc7869514eb4ea%2Fgovernor-avail-frame-75015.jpeg
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 6897ad9adfe8ac5096b21c5d572770f0f97a1680f72aa6aee6b03c94fa063969

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 15:38:38 GMT
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 17788
ETag: 37c089f4d4b1d009bd6ab53ed17a5221
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 89644
X-Amz-Cf-Id: -7bCFm5pIDc2tXJKLj6mdLVcUWqUttFCp8JtpXN5mc9qu_5VUla4ig==
Expires: Fri, 22 Jul 2022 15:38:38 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/5c5abcd/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/ 79 KB
79 KB 76ms
40ms Image
image/jpeg 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/5c5abcd/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F16%2Fe8%2F9c70fd924d02ba8851a5a6b4e3aa%2Fam-marathon-fatal-shooting-vo.transfer_frame_786.jpeg
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: e1dedd2c0389f21780e49142982aa787284c7f579e5ca61ea4874fb7d26cafa2

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 14:10:01 GMT
Via: 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 23105
ETag: b00021d41caa47d36978127252c277a0
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 80451
X-Amz-Cf-Id: pAx5psSrgb7tcKtyjv5pHZLQkHcILQ16WZAVdefx2M4GwwXlWKEFhQ==
Expires: Fri, 22 Jul 2022 14:10:01 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/7843ce7/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/ 157 KB
157 KB 88ms
30ms Image
image/jpeg 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/7843ce7/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fad%2Fe5%2F0fccc91c42c6b4f799d6b6b88c21%2Fsky-5-am-d0530-frame-107703.jpeg
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 371a0384ef81bdadb7bb5e8efbdc5df444b12f105b3c8ffe80dcfc7cf0bcfc2c

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 12:13:39 GMT
Via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 30087
ETag: 1049b66e572ca850c03bbf490c329748
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 160666
X-Amz-Cf-Id: aZr7asatMce5IBCKWl3XUC6J20EU9LBack6sqnkh9TuBqp0k48ZNhg==
Expires: Fri, 22 Jul 2022 12:13:39 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/0cc8a9c/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/ 30 KB
30 KB 32ms
30ms Image
image/jpeg 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/0cc8a9c/2147483647/strip/true/crop/1920x1080+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fde%2Faa%2F4329c63247289f697ee03af9b334%2Fam-aaron-opioid-overdoses-vo.transfer_frame_0.jpeg
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 66d30e68cc22382ef9d4b9ad07d61a5a895bc04dbb61e45e2180c0b98aee7cb0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 21 Jul 2021 19:25:32 GMT
Via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 90574
ETag: af0ca73008208e1e69b7fca599faa588
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 30562
X-Amz-Cf-Id: M6AkDxJKP-aoxKOMRqvwNHV5CEo0eY6AQGI28Ld8DNcvn-CqFL8oDA==
Expires: Thu, 21 Jul 2022 19:25:32 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/1eee3e2/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 65 KB
65 KB 30ms
28ms Image
image/jpeg 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/1eee3e2/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fce%2F36%2Fdcd58fc24c7fbdd9c21987f12e3f%2Fposter-image-62.jpg
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 76d342a328cf0b5359d3c610116a8d579dd778898d07def81853a4f1fee7dab4

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 02:19:49 GMT
Via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 65717
ETag: 115e19b5edcd75a6a54e7bd418dbd899
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 66076
X-Amz-Cf-Id: DOFgFp8gqtJhY1HKitCi-pMUfgmVFjPDF4mL8-zkwpnPOvXnMb1Jbg==
Expires: Fri, 22 Jul 2022 02:19:49 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/86f184b/2147483647/strip/true/crop/960x540+0+90/resize/320x180!/quality/90/ 13 KB
14 KB 59ms
25ms Image
image/jpeg 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/86f184b/2147483647/strip/true/crop/960x540+0+90/resize/320x180!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F20%2F2a%2F82e504884c7cac883d56af1d21d7%2F960x720-nc5-now.jpg
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 8320844764f01f151531ead757465cd126f8f2796c7ea1618ea2849aca0466d0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 15:08:48 GMT
Via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 278778
ETag: d1277eaf527395274c25c93a2f00f5e9
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 13635
X-Amz-Cf-Id: oeVPZ0ky9DYFe6KXJIrZ1JGb26O4Qyn016POZNGBSaEEflYrpvZTqg==
Expires: Tue, 19 Jul 2022 15:08:48 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/2c9ea66/2147483647/strip/true/crop/480x270+0+45/resize/320x180!/quality/90/ 109 KB
110 KB 27ms
26ms Image
image/png 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/2c9ea66/2147483647/strip/true/crop/480x270+0+45/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fcb%2F15%2Fd74122cf4bb7815f9e698e349097%2F480x360-storm-5-weather-nsps.png
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 636b336ce0c94e2a8dd05360505c234edbc07ea0b07fa48389b731f4bece9246

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 10 May 2021 14:17:55 GMT
Via: 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 6329831
ETag: 540e60b0022a014acf91240a1bfcdec6
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 111608
X-Amz-Cf-Id: gIYXsiqJJX-H6ySELY7AnlUnP4WVMsZ-pWGwxXSMPEBjnVhvfIOnqg==
Expires: Tue, 10 May 2022 14:17:55 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/891ed4e/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/ 84 KB
84 KB 44ms
30ms Image
image/png 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/891ed4e/2147483647/strip/true/crop/1280x720+0+0/resize/320x180!/quality/90/?url=http%3A%2F%2Fassets.scrippsdigital.com%2Fcms%2Fspecial_coverage%2Frebound%2FRebound-1280x720_default_article_.png
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: f09b1bc9b70cace8fa3d2a3413e01da4526576334e2ad091a0e792e6fbbd92f1

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 11 Feb 2021 05:29:09 GMT
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 13964756
ETag: 6148462546ffa7ba0c3e52ecf7242a5b
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 85644
X-Amz-Cf-Id: 9itiwevIUmmLC_jOXcQ2LRV7kNEtGKo_UQzdYPNEC6KAv6CrPXyDiA==
Expires: Fri, 11 Feb 2022 05:29:10 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/180517c/2147483647/strip/true/crop/1920x1080+0+0/resize/320x180!/quality/90/ 37 KB
37 KB 34ms
29ms Image
image/png 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/180517c/2147483647/strip/true/crop/1920x1080+0+0/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F4e%2Fdc%2F449662ab4ae7a149214d9b8f06cc%2Fmore-info-for-web.png
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 614020acf792911197d7436ae21b8dc0e3004ebae8d8d43399eb8a9691986557

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 11 Jun 2021 13:28:17 GMT
Via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 3568009
ETag: e3264c67c28650bad2fe6ec8d92052ff
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 37709
X-Amz-Cf-Id: CZpiAli9l0b27qyQinU1cCObA0g-tMP9PLO_XeBpa5HjgAg3Wa5cAA==
Expires: Sat, 11 Jun 2022 13:28:17 GMT

GET
H3-29 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 28ms
17ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Origin: https://www.newschannel5.com
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:06 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1383516
cf-ray: 672f741b7d2e4db2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 59572
x-amz-id-2: cTl+zvHE+26bjlEl07pJNISQZTlIvJaUdOtq2BiKJVS8mBt3PZQ27Ph0iRmXVNoi4Ed2KMy3DrI=
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
server: cloudflare
etag: "18d2347ab2a9f40ca2247cdb03303d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3%2BWcVLtlymY1LB5yiR0H0OrypwblrpRgL1l63clNyzJ7mCwSPH4PcxLwyAyroVoO%2Fs%2FebWhqY11Gqx5%2BGriwzARrSezyFBVgsQ4%2BRjtt4batrpn%2FdroTF%2BmlH%2BRE%2BuLkecIA9Luu06stp7oaMjS9PwL"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: WHWS5Q1BC20REQ5V
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 l
use.typekit.net/af/d45b9a/000000000000000077359577/30/ 33 KB
33 KB 29ms
6ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d45b9a/000000000000000077359577/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e75d314fab0c1fb09c90b1ee7051ca57bd554017c874d96d113356b28ba57928

Request headers

Origin: https://www.newschannel5.com
Referer: https://use.typekit.net/tsu4adm.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:06 GMT
server: nginx
etag: "f806d2fcac6bea1cced8320378bba8659e3a95e8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33364

GET
H2 200 l
use.typekit.net/af/199a3f/00000000000000007735955e/30/ 20 KB
20 KB 30ms
7ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/199a3f/00000000000000007735955e/30/l?subset_id=2&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c105e92e6d74d51c6452e1a43eebcfc303d88f98aed8c41c8c63b26f5793adca

Request headers

Origin: https://www.newschannel5.com
Referer: https://use.typekit.net/tsu4adm.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:06 GMT
server: nginx
etag: "4d63fb8d8caf8ff8476cf83b11ee093a28942062"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20160

GET
H2 200 l
use.typekit.net/af/98e3f6/000000000000000077359562/30/ 33 KB
34 KB 33ms
10ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/98e3f6/000000000000000077359562/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2418ec657ce8bb25dee8ddb0ac29cb2379a43b4f115b653ef974d3c9fc52e649

Request headers

Origin: https://www.newschannel5.com
Referer: https://use.typekit.net/tsu4adm.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:06 GMT
server: nginx
etag: "27cd5d037b3d5bcc152de6c7fe0aa3098a381c24"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34152

GET
H3-29 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 62 KB
63 KB 31ms
24ms Font
font/woff2 2606:4700:3031::ac43:d645
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Origin: https://www.newschannel5.com
Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:06 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1207711
cf-ray: 672f741b7d284db2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 63376
x-amz-id-2: gpQkjEk6gFohbrIXRO3l77mjUwOFhpxF0rBCE0J8DdZSTO7VzbaecHLxbysGBZsgR4/1EpPw3/Q=
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
server: cloudflare
etag: "f319eac1c755f9929fd856720ce1695e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNEl1wlFebo1z0b3sROSZT03KGS7LEOgHnamremq8E0NiL3%2BAV2XHHanMokY5bJUSLWjWt%2BtEippWM%2BIbn00mNmrir40gY9wntTiA18vcTcnxKEX5U8mzqcEmhQue6zudGSqo0hFpoGW6yGtbFJFSycs"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: Q6TJ61GTR7G5GSG0
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 p.js Show response
cdn.parsely.com/keys/newschannel5.com/ 66 KB
23 KB 1193ms
81ms Script
application/javascript 13.226.147.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/newschannel5.com/p.js
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.147.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-147-71.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: dbe522e8a8682c9d419d4d1e0734e219f5b83c6d94b7446c0122700a0eb5a037

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Thu, 22 Jul 2021 06:47:38 GMT
content-encoding: gzip
last-modified: Thu, 18 Feb 2021 19:43:14 GMT
server: nginx
age: 49649
etag: W/"602ec352-10715"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: rt7zvfEJLYpFSINyUm2XJd8mGBM045b2g5r5nHyN4JeqPN9jE3GMfQ==
expires: Fri, 23 Jul 2021 06:47:38 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/de428d1/2147483647/strip/true/crop/960x540+0+81/resize/320x180!/quality/90/ 88 KB
88 KB 27ms
25ms Image
image/png 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/de428d1/2147483647/strip/true/crop/960x540+0+81/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F6c%2F28%2F9c036a844933a339f06fbb953b22%2Fnathan-bedford-forrest-with-sign.png
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 6ae402c31c8c5dcf96437e80ad658625258ddb8ba29f5b2bac0357eb65d1e349

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:33:21 GMT
Via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 105
ETag: 1f615ae11afc668dc4fbfda154d9ff2a
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 89616
X-Amz-Cf-Id: 1bvc0dmEZJuJujE9mLvDO7XfjwDj_o4dpWt6cXV7Jja6vXGbTJWb9g==
Expires: Fri, 22 Jul 2022 20:33:21 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/9214db9/2147483647/strip/true/crop/1920x1080+0+0/resize/320x180!/quality/90/ 8 KB
9 KB 27ms
25ms Image
image/jpeg 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/9214db9/2147483647/strip/true/crop/1920x1080+0+0/resize/320x180!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Fa4%2Fc2%2Fa4719d604bc6a52607223d7693b6%2Fhamilton-inn-shooting.transfer_frame_569.jpeg
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: b8a9e67cd043aab0499b1f362f579213e8261f24c3c9988f014990734670818e

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 19:25:25 GMT
Via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 4181
ETag: 7a4a5ab9cf517cf049c954c643b70778
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 8416
X-Amz-Cf-Id: 2GNliddqL450UZzleYptMjDOK8fGxgSl3yYpz56P7DNh7FWwjUzwVA==
Expires: Fri, 22 Jul 2022 19:25:25 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/efceca5/2147483647/strip/true/crop/1000x563+0+0/resize/320x180!/quality/90/ 16 KB
17 KB 27ms
24ms Image
image/jpeg 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/efceca5/2147483647/strip/true/crop/1000x563+0+0/resize/320x180!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2F67%2Faf%2Fa4186905461bb4a6ce46a7286470%2Fap21027707830309.jpg
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: f5f4489cc7fe9a140982b13ed7a8fe1989f010ffbcf5667d6295eefe10ac5eb1

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 14:23:49 GMT
Via: 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 22277
ETag: b0d738c0f1bcadf9bc7c33d4d3f37c84
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 16584
X-Amz-Cf-Id: shjvhq_iGtBgr9XYta_jNLhvYK6yrfm3QaIxPIqgjhiJ53495BFqAg==
Expires: Fri, 22 Jul 2022 14:23:49 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/653409c/2147483647/strip/true/crop/640x360+0+0/resize/320x180!/quality/90/ 19 KB
19 KB 24ms
23ms Image
image/jpeg 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/653409c/2147483647/strip/true/crop/640x360+0+0/resize/320x180!/quality/90/?url=https%3A%2F%2Fmediaassets.newschannel5.com%2Fphoto%2F2015%2F09%2F24%2FPolice-Bluelights900_1443101312637_24351626_ver1.0_640_480.jpg
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 9d5ef4f9318af312d5c3c4ee1bb7a2f33fb9eb03f8cb2bf907aa53af76214f74

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 04:42:12 GMT
Via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 57174
ETag: 5b24360c6c1c391d1cb6f7c48cfc02f3
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 19369
X-Amz-Cf-Id: LGR61SP-22ofy2hKvk-B8kcPkhA2SlG4LeMAP2Mw2pTYEzdmf099qQ==
Expires: Fri, 22 Jul 2022 04:42:12 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/6c2578e/2147483647/strip/true/crop/640x360+0+60/resize/320x180!/quality/90/ 14 KB
15 KB 25ms
24ms Image
image/jpeg 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/6c2578e/2147483647/strip/true/crop/640x360+0+60/resize/320x180!/quality/90/?url=http%3A%2F%2Fmedia.theindychannel.com%2Fphoto%2F2013%2F08%2F07%2Fhandcuffs_generic_1375881287293_696479_ver1.0_640_480.jpg
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 5f569d5f6bd30f67581525fd6144fdd59ecd2089ec76582703ef3cc889ffbab4

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 03 Jul 2021 18:58:00 GMT
Via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 1647426
ETag: 238a189065d0f62ca476ab9faae5cb48
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 14352
X-Amz-Cf-Id: pM6z1fB7Mvwic-8QjZbQUWZ9zy31utsc66Kte_HNPa_JfYWC9gdZIw==
Expires: Sun, 03 Jul 2022 18:58:00 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/2de5263/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/quality/90/ 62 KB
63 KB 24ms
24ms Image
image/jpeg 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/2de5263/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F02%2F1e%2F5525783240e69ec6dadde875f314%2Fmicrosoftteams-image-15.png
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: 792699a22b545ed6fee1296e49cbc61c59763853015130cd2fb1b03655529864

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 20:12:29 GMT
Via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
Connection: keep-alive
Server: Apache
Age: 174157
ETag: 48e0003c00353979b241486fc612cf83
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
X-Amz-Cf-Pop: FRA2-C1
X-Robots-Tag: nofollow
Content-Length: 63782
X-Amz-Cf-Id: 3KcMsq55lOQWpIbZZhcTp6TZKwLiIv-SKDG1MitnyvbftK2Z1G9nBA==
Expires: Wed, 20 Jul 2022 20:12:29 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 227 KB
66 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c23a5413ab246743ac0b2edfb59006da

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a92bd36ff0fddfa04b7655e233a1bce7b1adef2fa50da6d1234c7440252ee0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.newschannel5.com
Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: RWr6ipc/GFF+Aw/Z5ZepHA==
cross-origin-resource-policy: cross-origin
expires: Fri, 22 Jul 2022 18:56:31 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 67615
x-fb-rlafr: 0
x-fb-debug: JWjplQU1DAst4/d81zDtMTSH5MDXgqj1Bb7ESwi5OuAstpQVQCak4WDohMwtipu62UeJhz52bZVehDlkKr1uXw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: 79edded5e9a89b28001c015aacb919c1
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 22 Jul 2021 20:35:06 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "3ff700263930d1ac7be59344ed0daa2a"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N563SK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 1158
date: Thu, 22 Jul 2021 20:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 22 Jul 2021 22:15:48 GMT

GET
H2

200

activityi;dc_pre=CL_jvMfD9_ECFa0C0wodTAkONg;src=4394967;type=wtvf;cat=pc_tt0;ord=3095826276192;gtm=2wg7l1;auiddc=553008016.1626986106;u1=Homepage;u2=NewsChannel%205%20Nashville%20WTVF%20-%20NewsCha... Show response
4394967.fls.doubleclick.net/ Frame E459
Redirect Chain

https://4394967.fls.doubleclick.net/activityi;src=4394967;type=wtvf;cat=pc_tt0;ord=3095826276192;gtm=2wg7l1;auiddc=553008016.1626986106;u1=Homepage;u2=NewsChannel%205%20Nashville%20WTVF%20-%20NewsC...
https://4394967.fls.doubleclick.net/activityi;dc_pre=CL_jvMfD9_ECFa0C0wodTAkONg;src=4394967;type=wtvf;cat=pc_tt0;ord=3095826276192;gtm=2wg7l1;auiddc=553008016.1626986106;u1=Homepage;u2=NewsChannel%...

483 B
721 B

335ms
34ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4394967.fls.doubleclick.net/activityi;dc_pre=CL_jvMfD9_ECFa0C0wodTAkONg;src=4394967;type=wtvf;cat=pc_tt0;ord=3095826276192;gtm=2wg7l1;auiddc=553008016.1626986106;u1=Homepage;u2=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home;ps=1;~oref=https%3A%2F%2Fwww.newschannel5.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N563SK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

60e9531d515e4385dcefb45a61e2d80ea16e3a5a2364bacb3e21694d01edd310

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4394967.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CL_jvMfD9_ECFa0C0wodTAkONg;src=4394967;type=wtvf;cat=pc_tt0;ord=3095826276192;gtm=2wg7l1;auiddc=553008016.1626986106;u1=Homepage;u2=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home;ps=1;~oref=https%3A%2F%2Fwww.newschannel5.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jul 2021 20:35:06 GMT
expires: Thu, 22 Jul 2021 20:35:06 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 381
x-xss-protection: 0
set-cookie: IDE=AHWqTUmFH-gEr_OO9SJKLKcM4gsGFWQlJanFXb2vHW6XppKbwCs-JLyPnu1e4j9j4bM; expires=Tue, 16-Aug-2022 20:35:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 22 Jul 2021 20:35:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4394967.fls.doubleclick.net/activityi;dc_pre=CL_jvMfD9_ECFa0C0wodTAkONg;src=4394967;type=wtvf;cat=pc_tt0;ord=3095826276192;gtm=2wg7l1;auiddc=553008016.1626986106;u1=Homepage;u2=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home;ps=1;~oref=https%3A%2F%2Fwww.newschannel5.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 /
api.ewscloud.com/prod/scheduler/v1/com.newschannel5/schedules/current/ Frame 0
0 424ms
137ms Preflight
application/json 13.224.193.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.newschannel5/schedules/current/?type=web
Protocol: H2
Server: 13.224.193.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-4.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://www.newschannel5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Thu, 22 Jul 2021 20:35:06 GMT
x-amzn-requestid: b2d4dde8-54d8-4cb6-adb7-6871593bce5d
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: C45zOG6bIAMFYtQ=
access-control-allow-methods: GET,OPTIONS
x-amzn-trace-id: Root=1-60f9d67a-1edf4e8870611e1009399a26
x-cache: Miss from cloudfront
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: E0EEPzTOdGbpIZ1X4i_9QufEHUcQfB5ek-KnviE7r_fYxUNPsYlq1Q==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 386ms
29ms Script
application/javascript 91.228.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:06 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 29 Jul 2021 20:35:06 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 88ms
26ms Script
application/javascript 13.226.145.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-101.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:23:44 GMT
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 683
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: 02VBFbkVTd6m5NcZKPj4iiUSaIRpDP9Ak0w5mnZxH1ByoPKMejJFfQ==

GET
H/1.1 200
OK uz_til_us.js Show response
cdn5.userzoom.com/trueintent/js/ 48 KB
12 KB 175ms
26ms Script
application/x-javascript 209.197.3.16
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn5.userzoom.com/trueintent/js/uz_til_us.js?cuid=D42D89CC6BCDE41180C90050569444FB

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.197.3.16 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x010.map2.ssl.hwcdn.net

Software

Resource Hash

0ff30c727916819b4af43b6496baea6d056c41930de5e4d845df18e74fcdec07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Jul 2021 12:44:17 GMT
ETag: "1626957857"
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-HW: 1626986106.dop145.fr8.t,1626986106.cds225.fr8.shn,1626986106.dop145.fr8.t,1626986106.cds266.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=10
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 12158

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 95 KB
24 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: CnXpshMvHJ69fQqfiGNjtc0BjxShTwA8ibMcYyECmx5F/T9TroNX+h3hO2IDhY+FlP5VEjjGVBeOMCgkKm5TYQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 22 Jul 2021 20:35:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK Cookie set weather Show response
www.newschannel5.com/ 107 KB
107 KB 42ms
41ms Fetch
application/json 13.226.145.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newschannel5.com/weather?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-126.dus51.r.cloudfront.net
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: aa7dbd87bf4ade8fb9668e96182ff4ec73ede1b439635f73d6a417c04a1d242d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.newschannel5.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.newschannel5.com/
Cookie: JSESSIONID=BCC1FAC79B20DAB9AF3F5AD7BBC9072C; _cb_ls=1; _gcl_au=1.1.553008016.1626986106
Connection: keep-alive
Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:31:23 GMT
Via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
Server: Apache-Coyote/1.1
Cache-Control: max-age=240
Age: 222
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Set-Cookie: JSESSIONID=97AE1640915C957459A15990E1430C46; Path=/; HttpOnly
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
X-Robots-Tag: nofollow
X-Amz-Cf-Id: j6RU1B1hCsXxs10NmBSqJN150Y9r_ok59152hmuB2UcLICygAlr3dQ==

GET
H/1.1 200
OK Cookie set breaking-news-alerts Show response
www.newschannel5.com/ 90 KB
91 KB 103ms
50ms Fetch
application/json 13.226.145.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newschannel5.com/breaking-news-alerts?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-126.dus51.r.cloudfront.net
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: 5a473f833b877f722001905b5b7ee44a58551e64d4e666ed56a992a80e9ddd41

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.newschannel5.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.newschannel5.com/
Cookie: JSESSIONID=BCC1FAC79B20DAB9AF3F5AD7BBC9072C; _cb_ls=1; _gcl_au=1.1.553008016.1626986106
Connection: keep-alive
Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:32:17 GMT
Via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
Server: Apache-Coyote/1.1
Cache-Control: max-age=240
Age: 168
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Set-Cookie: JSESSIONID=7C9595CA82DFC832B254169D80BA6EBC; Path=/; HttpOnly
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
X-Robots-Tag: nofollow
X-Amz-Cf-Id: DAfCEIt0aSGl41VwSQB9X_9BTmiaX3VTho49X95W4l4R8q8fC3p-Jg==

GET
H/1.1 200
OK Cookie set alerts Show response
www.newschannel5.com/weather/ 90 KB
91 KB 99ms
43ms Fetch
application/json 13.226.145.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newschannel5.com/weather/alerts?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-126.dus51.r.cloudfront.net
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: a438b3777b6690da042658ca73a55a9dcb8716eab2d5044fc64a3e3670658b05

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.newschannel5.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.newschannel5.com/
Cookie: JSESSIONID=BCC1FAC79B20DAB9AF3F5AD7BBC9072C; _cb_ls=1; _gcl_au=1.1.553008016.1626986106
Connection: keep-alive
Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:31:24 GMT
Via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
Server: Apache-Coyote/1.1
Cache-Control: max-age=240
Age: 221
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Set-Cookie: JSESSIONID=385B0D80A0EAE84EB2EEE204BEF7B12E; Path=/; HttpOnly
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
X-Robots-Tag: nofollow
X-Amz-Cf-Id: afbd8KHHOehKSfgFselvadBYHKeMlisSPL9IUX2ozJU9zqBLK1kmRg==

GET
H/1.1 200
OK Cookie set school-closings-delays Show response
www.newschannel5.com/weather/ 86 KB
87 KB 91ms
35ms Fetch
application/json 13.226.145.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newschannel5.com/weather/school-closings-delays?_renderer=json
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-126.dus51.r.cloudfront.net
Software: Apache-Coyote/1.1 / Brightspot
Resource Hash: c46910f27aeefbc8a277380722a6aa2516ec14f470c22a5c948fbc532ece557c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.newschannel5.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.newschannel5.com/
Cookie: JSESSIONID=BCC1FAC79B20DAB9AF3F5AD7BBC9072C; _cb_ls=1; _gcl_au=1.1.553008016.1626986106
Connection: keep-alive
Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:32:17 GMT
Via: 1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
Server: Apache-Coyote/1.1
Cache-Control: max-age=240
Age: 168
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/json;charset=UTF-8
Set-Cookie: JSESSIONID=18DEAD39DD4F44A429E8A547337C2D6E; Path=/; HttpOnly
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
X-Robots-Tag: nofollow
X-Amz-Cf-Id: YTD3PZGW6k30xQDbRbSqJiSEQ7MwtsO9IvSQLFSFgVstDs-FpUSsqw==

GET
H2 200 / Show response
api.ewscloud.com/prod/scheduler/v1/com.newschannel5/schedules/current/ 5 KB
6 KB 562ms
562ms Fetch
application/json 13.224.193.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.newschannel5/schedules/current/?type=web
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-4.fra2.r.cloudfront.net
Software: /
Resource Hash: f0cb40e1da5643bd18eb070a1ff36a76b9c9bf6a451586d14b29fa731c9715a1

Request headers

Authorization: Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:07 GMT
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: ac6f1ab6-c73e-4fe6-aa4a-624e6deb5e46
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-60f9d67b-63d50fa534ecb046746ac152
x-amz-apigw-id: C45zTHpgoAMF9fg=
content-length: 5498
x-amz-cf-id: DwEKBV9G-9jNHVg7I3i8vrAhNwdOmFMMTMD0UiNZIN9v_GlWnnfwWQ==

GET
H2 200 activityi;register_conversion=1;src=4394967;type=wtvf;cat=pc_tt0;ord=3095826276192;gtm=2wg7l1;auiddc=553008016.1626986106;u1=Homepage;u2=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20...
4394967.fls.doubleclick.net/ 0
0 82ms
32ms Image
text/html 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4394967.fls.doubleclick.net/activityi;register_conversion=1;src=4394967;type=wtvf;cat=pc_tt0;ord=3095826276192;gtm=2wg7l1;auiddc=553008016.1626986106;u1=Homepage;u2=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home;ps=1;~oref=https%3A%2F%2Fwww.newschannel5.com%2F?
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f166.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 load_tags.js Show response
pymx5.com/scripts/ 9 KB
9 KB 92ms
21ms Script
application/javascript 35.227.203.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/scripts/load_tags.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N563SK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 19:42:30 GMT
age: 3156
x-guploader-uploadid: ADPycduKrW1Y4jKTSctwx2HAD-rC70dFzKupR-l8ixXOdkWHThLCCpAoyPb09j7oZhgZmuXZ5PRLKqpbL70doEtT69s
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 8946
last-modified: Mon, 30 Nov 2020 10:13:10 GMT
server: UploadServer
etag: "f6b06694767e707999eecbe9538b403a"
x-goog-hash: crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
x-goog-generation: 1606731190093338
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 8946
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 22 Jul 2021 20:42:30 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
307 B 135ms
134ms XHR
text/plain 13.226.132.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3295&u=https%3A%2F%2Fwww.newschannel5.com%2F
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-202.dus51.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:06 GMT
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.newschannel5.com
cache-control: max-age=86087, s-maxage=86400
access-control-allow-credentials: true
x-amz-cf-id: 0R7K16OLfH6rW0yitiIHNv01Lyg-v2rmQHmTKWP-c2ZZSP8DUfkFsA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 3339ms
286ms XHR
application/javascript 13.226.132.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-202.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 53386
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 01 Jul 2021 22:05:10 GMT
server: AmazonS3
date: Thu, 22 Jul 2021 05:45:24 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: gL0Oftzfr1F5RhxWmAu1h0kl41AkNUtr8xnpPwozg_iyK61LXJHTyw==

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 2 KB
2 KB 115ms
49ms Script
text/html 18.134.72.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-2RhMh0IJ33cxUahFibJNuf8fWh6NxOl9R0RB2436S0SxzRsAfXjmhYeX&sc=1&os=1-Pw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.newschannel5.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&callback=MoatNadoAllJsonpRequest_90257320
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.134.72.135 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-134-72-135.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 39e7bb2ec655cf9af41b609a7e243d518007ca533a7eca602f7a98c0c6e3695d

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:06 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "df4bee4fb11af2b6703bf2ea534d2cdd8271df12"
content-length: 1720
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 93ms
32ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1626986106486&de=935698637535&d=CRACKED_SCRIPPS_DFP_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&sgs=5&ar=29ad59d-clean&iw=738e604&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=newschannel5.com&bd=newschannel5.com&ac=1&bq=11&f=0&na=1377541702&cs=0
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 22 Jul 2021 20:35:06 GMT

GET
H3-29 200 292820581178899 Show response
connect.facebook.net/signals/config/ 262 KB
75 KB 12ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/292820581178899?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

75e1139bf3a7061e3a5f2ad865d65ae2503682db46671ad2f3cb94adaa4e3b7a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76403
x-xss-protection: 0
pragma: public
x-fb-debug: FMpW9f9pBMigYDSfqa2Ga2hJUTUECxJkwnwwzD3O4onODNtjxlU2L0rTAlna84KcFrxBXT300DweVC4t7H6ABw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 22 Jul 2021 20:35:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 partlycloudy.png
static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/ 3 KB
3 KB 57ms
10ms Image
image/png 2600:9000:20eb:e600:10:618e:d880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/partlycloudy.png
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:e600:10:618e:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7614a5bfcdf62a6df3f66e16104af543749f263f4de8f24f533434f89b1b7be7

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0_4AMtqzRjaOTSyN4yPAZLSLnY0s8m7i
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
last-modified: Tue, 04 May 2021 14:04:21 GMT
server: AmazonS3
age: 128
etag: "95dcda7cca4c271fe8fabda3683b55d4"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
date: Thu, 22 Jul 2021 20:34:20 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2966
x-amz-cf-id: vNPOJSkda8-WyRdoO2Ow7Vfjj5VO3LZQo2ygrQCdsTIJqs8LvIv1mg==

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 8ms
7ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 576
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Thu, 22 Jul 2021 21:25:30 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1626986106671&ns_c=UTF-8&cv=3.5&c8=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home&c7=https%3A%2F%2Fwww.newschannel5.co...
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1626986106671&ns_c=UTF-8&cv=3.5&c8=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home&c7=https%3A%2F%2Fwww.newschannel5.c...

64 B
330 B

31ms
31ms

Image
image/gif

13.226.145.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1626986106671&ns_c=UTF-8&cv=3.5&c8=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home&c7=https%3A%2F%2Fwww.newschannel5.com%2F&c9=
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-101.dus51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:06 GMT
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: RCZAX-AcTsEoltK3jQ-mm4RzHrz6hdtBDNKnMeldXeGIMQNqgrdgDg==

Redirect headers

date: Thu, 22 Jul 2021 20:35:06 GMT
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1626986106671&ns_c=UTF-8&cv=3.5&c8=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home&c7=https%3A%2F%2Fwww.newschannel5.com%2F&c9=
content-length: 228
x-amz-cf-id: Nq5bd1_EJracQ7bl0tn9LxqPw2xSw_kAOFSzUK0iX4rpDgzphZyYOQ==

GET
H2 200 load_optional_tags Show response
api.pymx5.com/v1/sites/ 0
716 B 199ms
129ms Script
text/html 34.96.74.203
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pymx5.com/v1/sites/load_optional_tags

Requested by

Host: pymx5.com
URL: https://pymx5.com/scripts/load_tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

203.74.96.34.bc.googleusercontent.com

Software

nginx/1.13.7 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:06 GMT
via: 1.1 google
server: nginx/1.13.7
x-frame-options: SAMEORIGIN
allow: GET, HEAD, OPTIONS
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK voc.js Show response
cdn5.userzoom.com/voc/files/BED42E54E1E3E61180CC0050569444FB/ 8 B
500 B 27ms
25ms Script
application/x-javascript 209.197.3.16
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn5.userzoom.com/voc/files/BED42E54E1E3E61180CC0050569444FB/voc.js

Requested by

Host: cdn5.userzoom.com
URL: https://cdn5.userzoom.com/trueintent/js/uz_til_us.js?cuid=D42D89CC6BCDE41180C90050569444FB

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.197.3.16 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x010.map2.ssl.hwcdn.net

Software

Resource Hash

88e071a02a5adf92b172da587c1d4469a2984108aa6d90ab042f2887859d053e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:06 GMT
Content-Encoding: gzip
Last-Modified: Sat, 03 Jul 2021 16:48:58 GMT
ETag: "1625330938"
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-HW: 1626986106.dop145.fr8.t,1626986106.cds225.fr8.shn,1626986106.dop145.fr8.t,1626986106.cds280.fr8.c
Content-Type: application/x-javascript; charset=utf-16
Cache-Control: public, max-age=10
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 28

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 88ms
31ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

369ee8b3a261b36bb923507fca5009e67175766b693c127ab8ef5ec91b79d317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "937 / 828 of 1000 / last-modified: 1626952271"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24845
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:06 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
91 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-37415317-1&cid=741653019.1626986107&jid=162330830&gjid=908030057&_gid=2075422131.1626986107&_u=aGBAgAAjAAAAAE~&z=502358596

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 22 Jul 2021 20:35:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.newschannel5.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-37415317-2&cid=741653019.1626986107&jid=1013540433&gjid=1430206656&_gid=2075422131.1626986107&_u=aGDAiAAjBAAAAE~&z=753183883

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 22 Jul 2021 20:35:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.newschannel5.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 32ms
16ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-40066851-1&cid=741653019.1626986107&jid=1009468268&gjid=2008766426&_gid=2075422131.1626986107&_u=aGDAiAAjBAAAAE~&z=1995149434

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 22 Jul 2021 20:35:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.newschannel5.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=2068353625&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newschannel5.com%2F&ul=en-us&de=UTF-8&dt=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAj~&jid=162330830&gjid=908030057&cid=741653019.1626986107&tid=UA-37415317-1&_gid=2075422131.1626986107&gtm=2wg7l1N563SK&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd25=false&cd26=&cd30=&cd31=false&cd34=false&z=1393449848

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 21:58:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81420
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=2068353625&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newschannel5.com%2F&ul=en-us&de=UTF-8&dt=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiAAjBAAAAE~&jid=1013540433&gjid=1430206656&cid=741653019.1626986107&tid=UA-37415317-2&_gid=2075422131.1626986107&gtm=2wg7l1N563SK&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd25=false&cd26=&cd30=&cd31=false&z=761716044

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 21:58:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81420
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=2068353625&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newschannel5.com%2F&ul=en-us&de=UTF-8&dt=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiAAjBAAAAE~&jid=1009468268&gjid=2008766426&cid=741653019.1626986107&tid=UA-40066851-1&_gid=2075422131.1626986107&gtm=2wg7l1N563SK&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd25=false&cd26=&cd30=&cd31=false&cd34=false&z=727730181

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 21:58:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81420
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 943141905875641 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 278ms
278ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/943141905875641?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ee2212c8d098822d233ef645b713c455e1ca16e44dace81f1b503e9505ec2b59

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: oteOyCyUWz4Y5HVgn5PJWXvflD/CZ5K8fLs64mozAb8gQQ3oJVGXppCzkJ0JHf70HvZVWmwPCJYASyntF/TCTA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 22 Jul 2021 20:35:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 pubads_impl_2021071501.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
114 KB 161ms
131ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061830

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

7ba1eee9803f9929376700a8065001dbda71dc890a08e3d6b50c851de0e927ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 08:37:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117198
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:06 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 164 B
138 B 109ms
79ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.newschannel5.com

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

fe3597d387350d14a00ae2bc7f134cc74608b6c7823108217ca103ae6c555020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:06 GMT

GET
H2 200 log
hblg.media.net/ 35 B
194 B 41ms
33ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&abte=SSP_CLIENT&adbd=0&adt=desktop&cid=8CU6Q6626&ct=BRUSSELS&cc=BE&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=newschannel5.com&servname=ssp-serving-9cc9f65cb-c9wc7&sd=1&svr=071912_272_071912_240_ssp&sc=&version=4&vh=1200&vw=1600&vsid=&vid=00001626986106885013078197766404&sspAbBucket=CONTROL&npa=0&lw=1&dapp=green&rtype=&lbr=0&itypeid=1&mnkv=&pabte=&floc_id=&floc_ver=&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&gfundl=700&gtd=&inid=&ngfundl=1000&rdl=700&id_details=&a=0&r=209&lper=1&pc=&requrl=https%3A%2F%2Fwww.newschannel5.com%2F&kwrf=
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:06 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Thu, 22 Jul 2021 20:35:06 GMT

GET
H2 200 rules-p-cfh7-Kj7hw4Cs.js Show response
rules.quantcount.com/ 1 KB
1 KB 56ms
13ms Script
application/javascript 2600:9000:2182:b400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-cfh7-Kj7hw4Cs.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:b400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:11:33 GMT
content-encoding: gzip
age: 1585
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Wed, 30 Aug 2017 16:19:22 GMT
server: AmazonS3
etag: W/"021b7e04f30cea21812673c831b1b679"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: jSuuKtbF5caIoCzacPhemwPMASwEBaW8B03RGMVBN56u_N0Y69R7Pg==

GET
H2 200 dc_pre=CL_jvMfD9_ECFa0C0wodTAkONg;src=4394967;type=wtvf;cat=pc_tt0;ord=3095826276192;gtm=2wg7l1;auiddc=*;u1=Homepage;u2=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home;ps=1;~or...
adservice.google.com/ddm/fls/z/ Frame E459 42 B
262 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CL_jvMfD9_ECFa0C0wodTAkONg;src=4394967;type=wtvf;cat=pc_tt0;ord=3095826276192;gtm=2wg7l1;auiddc=*;u1=Homepage;u2=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home;ps=1;~oref=https%3A%2F%2Fwww.newschannel5.com%2F

Requested by

Host: 4394967.fls.doubleclick.net
URL: https://4394967.fls.doubleclick.net/activityi;dc_pre=CL_jvMfD9_ECFa0C0wodTAkONg;src=4394967;type=wtvf;cat=pc_tt0;ord=3095826276192;gtm=2wg7l1;auiddc=553008016.1626986106;u1=Homepage;u2=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home;ps=1;~oref=https%3A%2F%2Fwww.newschannel5.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4394967.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=996426926;labels=Cracked.Article%20Title.Homepage;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.newschannel5.com%2F;uht=2;fpan=1;fpa=P0-1426937757-1626986106957;pbcn=u;pbc=;ns=0;ce=1;qjs=1;q...
pixel.quantserve.com/ 35 B
371 B 30ms
28ms Image
image/gif 91.228.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=996426926;labels=Cracked.Article%20Title.Homepage;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.newschannel5.com%2F;uht=2;fpan=1;fpa=P0-1426937757-1626986106957;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=newschannel5.com;je=0;sr=1600x1200x24;dst=1;et=1626986106957;tzo=-120;ogl=title.Homepage%2Curl.https%3A%2F%2Fwww%252Enewschannel5%252Ecom%2F%2Cimage.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F7dd5197%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Aurl.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F7dd5197%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Asecure_url.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2F7dd5197%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fpng%2Csite_name.WTVF%2Ctype.website%2Cdescription.

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061830

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7313b1057f6543d7eb7acaa080be92b436473884cc71a5b0bdf5ece0d5e0aa4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1873
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5950
x-xss-protection: 0
server: cafe
etag: 3337145904970783249
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 22 Jul 2021 21:03:54 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
375 B 60ms
60ms XHR
text/javascript 13.226.132.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.newschannel5.com%2F&pid=aMFn0qSF3SntS&cb=0&ws=1600x1200&v=7.67.00&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-202.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:07 GMT
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.newschannel5.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: bBpAPUTPu9bT3NtNMd3UQaNbEECZp-tY8lV8BFZcczeVk3JLmISauw==

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 521 B
1005 B 347ms
33ms XHR
application/json 213.19.162.51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1954076%3B1954074&size_id=2%3B15&alt_size_ids=%3B10&rf=https%3A%2F%2Fwww.newschannel5.com%2F&tg_i.aupname=%2F6088%2Fssp.wtvf%26mad_inview%3B%2F6088%2Fssp.wtvf%26mad_right_rail&tg_i.dfp_ad_unit_code=6088%2Fssp.wtvf%2Finview-bottom%3B6088%2Fssp.wtvf%2Fhome%2Flanding&tg_i.pbadslot=6088%2Fssp.wtvf%2Finview-bottom%3B6088%2Fssp.wtvf%2Fhome%2Flanding&tk_flint=dmpbjs_v4.43.0&x_source.tid=b850bde8-53c0-4186-9304-96eb7b7d7b7a%3Be4c482fa-bcf8-4042-a190-1765e9c2670a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.705576621611717
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 4752d0728e10f3272d2d5e2673558cadc5c24d8e39aa5d447aa37e1bb61c6789

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:07 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.newschannel5.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 521
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 898 B
1 KB 169ms
75ms XHR
application/json 54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=1mlu4e96&pi=3&si=113215&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.newschannel5.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fwww.newschannel5.com%2F&ns=10240
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 19a6284f20417638845a46083afd8726859a62e0571a49baf13563044d135bd6

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:07 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.newschannel5.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 898 B
1 KB 208ms
113ms XHR
application/json 54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=1mlu4e96&pi=3&si=113214&bf=300x600%2C300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.newschannel5.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fwww.newschannel5.com%2F&ns=10240
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 08165ff2eb18b34353a75c6981e3ad6b6aaced1ec8eb5374aa18ace520d5ed1f

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:07 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.newschannel5.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 252 B
1 KB 185ms
142ms XHR
application/json 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

fd0e28f1e54476478bfd5cdf04451eee123d4accbeae7386fae4691acb7150a5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:07 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8472f4c5-38e0-4e0d-b989-819ed5569a77
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.newschannel5.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 252
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST auction
tlx.3lift.com/header/ 0
0

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
990 B 358ms
119ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.newschannel5.com
date: Thu, 22 Jul 2021 20:35:07 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
639 B 339ms
111ms XHR
application/json 52.22.60.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dZ3zKKByqr67OuaKj0P0Le
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.60.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-60-34.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 5ceecb88cbd1389cb4db365f74b36b401f27e4add5a6cb256910b0d5c73c11a2

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 22 Jul 2021 20:35:07 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newschannel5.com
access-control-allow-credentials: true

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
640 B 336ms
107ms XHR
application/json 52.22.60.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dWYM8kByqr67OuaKj0P0Le
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.60.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-60-34.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 7ceaf650e16b7672a4c84739c4968ee98ae66bd8d708b860e97a987a91f755a4

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 22 Jul 2021 20:35:07 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newschannel5.com
access-control-allow-credentials: true

GET
H2 200 arj Show response
ewscripps-d.openx.net/w/1.0/ 172 B
357 B 83ms
29ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.newschannel5.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b850bde8-53c0-4186-9304-96eb7b7d7b7a%2Ce4c482fa-bcf8-4042-a190-1765e9c2670a&nocache=1626986107188&aus=728x90%7C300x600%2C300x250&divids=MAD_INVIEW%2CMAD_RIGHT_RAIL&aucs=%252F6088%252Fssp.wtvf%252Finview-bottom%2C%252F6088%252Fssp.wtvf%252Fhome%252Flanding&auid=544041537%2C544041535
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 33a8442d58fe84873198b0e7d1ab67f7636191552c89f6a47c661bb809b384b1

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:07 GMT
content-encoding: gzip
server: OXGW/16.211.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.newschannel5.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 162
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
480 B 220ms
161ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941601797961e0d7628780e2002f&pos=8a969c0301797961d75b62911e670054&cmd=bid&secure=1
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: b8104cda342b58ad667f44ecd22591c316b4cb8293587a78184ea837813d7333

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 22 Jul 2021 20:35:07 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.newschannel5.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
480 B 292ms
71ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96941601797961e0d7628780e2002f&pos=8a96941601797961e0d76291277c0057&cmd=bid&secure=1
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 0123fc63a38c97c7ed3d11a509baf6d913d6c0197d385a40c50a6b2b5e7cfb4a

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 22 Jul 2021 20:35:07 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.newschannel5.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
375 B 519ms
518ms XHR
text/javascript 13.226.132.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.newschannel5.com%2F&pid=aMFn0qSF3SntS&cb=1&ws=1600x1200&v=7.67.00&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_HOMEPAGE_SHOWCASE%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-202.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:07 GMT
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.newschannel5.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: cSMPngk89V61XiSdmJVMsTD4F6KHis4pqXBgdiC5OMRSFd1UPdlgbg==

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
174 B 304ms
103ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.newschannel5.com
date: Thu, 22 Jul 2021 20:35:07 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 120ms
70ms XHR
application/json 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

6d879fd34eb2f1c8c217cc3071761b03536f399a39c3ffabbd2f0067fcdfcc93

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:07 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: adde8b0a-f462-4908-adca-6ab939ab3f5c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.newschannel5.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
ewscripps-d.openx.net/w/1.0/ 172 B
563 B 45ms
28ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.newschannel5.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7acdae52-ea20-44e9-8f1c-0c180720eb86&nocache=1626986107226&aus=970x250%2C728x90&divids=MAD_HOMEPAGE_SHOWCASE&aucs=%252F6088%252Fssp.wtvf%252Fhome%252Flanding&auid=544041541
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 8628e447138b28448c4dc1dc3214d2ccb0a60df9e7b4690e7d74a3bc0184e6ba

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:07 GMT
content-encoding: gzip
server: OXGW/16.211.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.newschannel5.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 898 B
1 KB 236ms
188ms XHR
application/json 54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=1mlu4e96&pi=3&si=113217&bf=970x250%2C728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.newschannel5.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fwww.newschannel5.com%2F&ns=10240
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: df89d2b959d80201c543061465ca8dffbda706565eb5770ec4838ce7dfcc9e59

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:07 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.newschannel5.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 424 B
908 B 336ms
37ms XHR
application/json 213.19.162.51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1954080&size_id=2&alt_size_ids=57&rf=https%3A%2F%2Fwww.newschannel5.com%2F&tg_i.aupname=%2F6088%2Fssp.wtvf&tg_i.dfp_ad_unit_code=6088%2Fssp.wtvf%2Fhome%2Flanding&tg_i.pbadslot=6088%2Fssp.wtvf%2Fhome%2Flanding&tk_flint=dmpbjs_v4.43.0&x_source.tid=7acdae52-ea20-44e9-8f1c-0c180720eb86&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.0824524743598003
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: eaae522c9914afdd4acf0775faad7eae917ae494c5e46ee8f65ae0e8bc420171

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:07 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.newschannel5.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 424
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST auction
tlx.3lift.com/header/ 0
0

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
480 B 335ms
81ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c0301797961d75b628782d00036&pos=8a96941601797961e0d762912ea5005a&cmd=bid&secure=1
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: c6020e69cb95aa6159412f88baf413f9b721c360573b5b3674a0497599604885

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 22 Jul 2021 20:35:07 GMT
Server: ATS/7.1.2.128
Age: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.newschannel5.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
638 B 293ms
106ms XHR
application/json 52.22.60.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=d6zqeAByqr67OuaKj0P0Le
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.60.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-60-34.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: b24a6646c4af9d56546f9934bae63024dbe4aaf8401caabb327cf20e640deab6

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 22 Jul 2021 20:35:07 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newschannel5.com
access-control-allow-credentials: true

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=292820581178899&ev=PageView&dl=https%3A%2F%2Fwww.newschannel5.com%2F&rl=&if=false&ts=1626986107240&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1626986107239.1574507584&it=1626986106641&coo=false&rqm=GET

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 22 Jul 2021 20:35:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 21ms
20ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=943141905875641&ev=PageView&dl=https%3A%2F%2Fwww.newschannel5.com%2F&rl=&if=false&ts=1626986107243&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1626986107239.1574507584&it=1626986106641&coo=false&rqm=GET

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 22 Jul 2021 20:35:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 22ms
21ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=292820581178899&ev=ViewContent&dl=https%3A%2F%2Fwww.newschannel5.com%2F&rl=&if=false&ts=1626986107245&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1626986107239.1574507584&it=1626986106641&coo=false&rqm=GET

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 22 Jul 2021 20:35:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 22ms
21ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=943141905875641&ev=ViewContent&dl=https%3A%2F%2Fwww.newschannel5.com%2F&rl=&if=false&ts=1626986107246&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1626986107239.1574507584&it=1626986106641&coo=false&rqm=GET

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 22 Jul 2021 20:35:07 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 969ms
104ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1626986107473&plid=76359452&idsite=newschannel5.com&url=https%3A%2F%2Fwww.newschannel5.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.newschannel5.com%2F&sref=&sts=1626986107462&slts=0&title=NewsChannel+5+Nashville+WTVF+-+NewsChannel5.com+-+Home&date=Thu+Jul+22+2021+22%3A35%3A07+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=96174598&u=pid%3D3edd2b7348e11d72411bf8808f0a6c01
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:08 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 22-Jul-2021 20:35:08 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 /
www.facebook.com/tr/ 0
88 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryAciZVbHDDciDgGSP

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 22 Jul 2021 20:35:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.newschannel5.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
31 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryaotCygl28eN1ZPG6

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 22 Jul 2021 20:35:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.newschannel5.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
90 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=2068353625&t=event&_s=1&dl=https%3A%2F%2Fwww.newschannel5.com%2F&ul=en-us&de=UTF-8&dt=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Prebidders&ea=fetch_bids_timeout&el=Rubicon&_u=aGjACEAjBAAAAG~&jid=529543090&gjid=1916090295&cid=741653019.1626986107&tid=UA-37415317-1&_gid=826201593.1626986109&_r=1&gtm=2wg7l1N563SK&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd25=false&cd26=&z=850831899

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newschannel5.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-37415317-2&cid=741653019.1626986107&jid=1246386191&gjid=352771748&_gid=2075422131.1626986107&_u=aGjAiEAjBAAAAG~&z=1956798551

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 22 Jul 2021 20:35:08 GMT
content-type: text/plain
access-control-allow-origin: https://www.newschannel5.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-40066851-1&cid=741653019.1626986107&jid=1161042854&gjid=1441162981&_gid=2075422131.1626986107&_u=aGjAiEAjBAAAAG~&z=14649376

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 22 Jul 2021 20:35:08 GMT
content-type: text/plain
access-control-allow-origin: https://www.newschannel5.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=2068353625&t=event&_s=2&dl=https%3A%2F%2Fwww.newschannel5.com%2F&ul=en-us&de=UTF-8&dt=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Prebidders&ea=fetch_bids_timeout&el=Rubicon&_u=aGjAiEAjBAAAAG~&jid=1246386191&gjid=352771748&cid=741653019.1626986107&tid=UA-37415317-2&_gid=2075422131.1626986107&gtm=2wg7l1N563SK&cd12=741653019.1626986107&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd25=false&cd26=&cd30=&cd31=false&z=1983686828

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 21:58:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81422
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j91&a=2068353625&t=event&_s=2&dl=https%3A%2F%2Fwww.newschannel5.com%2F&ul=en-us&de=UTF-8&dt=NewsChannel%205%20Nashville%20WTVF%20-%20NewsChannel5.com%20-%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Prebidders&ea=fetch_bids_timeout&el=Rubicon&_u=aGjAiEAjBAAAAG~&jid=1161042854&gjid=1441162981&cid=741653019.1626986107&tid=UA-40066851-1&_gid=2075422131.1626986107&gtm=2wg7l1N563SK&cd12=741653019.1626986107&cd20=&cd21=&cd22=&cd23=Homepage&cd24=&cd25=false&cd26=&cd30=&cd31=false&cd34=false&z=968114062

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Jul 2021 21:58:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 81422
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 107 B
853 B 63ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.newschannel5.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061830

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newschannel5.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061830

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
15 KB 364ms
363ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3181244825074911&correlator=264551436763238&output=ldjh&impl=fifs&eid=31061788%2C31061830%2C20211866&vrg=2021071501&ptt=17&sc=1&sfv=1-0-38&ecs=20210722&iu_parts=6088%2Cssp.wtvf%2Cinview-bottom%2Chome%2Clanding&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2C%2F0%2F1%2F3%2F4&prev_iu_szs=728x90%2C994x30%7C10x1%2C300x600%7C300x250&prev_scp=kw%3DNC5%252CChannel%25205%2520Nashville%252CNashville%2520news%252CNewsChannel%25205%252CWeather%2520in%2520Nashville%252CNashville%2520weather%252CNashville%252C%2520Tennessee%252Cnews%2520in%2520Nashville%252CTennessee%2520news%252CNashville%252C%2520TN%26categories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C11%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D80-89%26weather%3Dcloudy%26m_gv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Ckw%3DNC5%252CChannel%25205%2520Nashville%252CNashville%2520news%252CNewsChannel%25205%252CWeather%2520in%2520Nashville%252CNashville%2520weather%252CNashville%252C%2520Tennessee%252Cnews%2520in%2520Nashville%252CTennessee%2520news%252CNashville%252C%2520TN%26categories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D80-89%26weather%3Dcloudy%7Ckw%3DNC5%252CChannel%25205%2520Nashville%252CNashville%2520news%252CNewsChannel%25205%252CWeather%2520in%2520Nashville%252CNashville%2520weather%252CNashville%252C%2520Tennessee%252Cnews%2520in%2520Nashville%252CTennessee%2520news%252CNashville%252C%2520TN%26categories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D80-89%26weather%3Dcloudy%26m_gv%3D40%2C30%2C20%2C10%26m_mv%3D50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cgv_arms%252Cgv_death_injury%252Cmoat_unsafe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie_enabled=1&bc=31&abxe=1&lmt=1626986108&dt=1626986108721&dlt=1626986105902&idt=1175&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C-12245933%2C1050&adys=-12245933%2C-12245933%2C1946&adks=1304723128%2C3836105356%2C224907288&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newschannel5.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C1500x0%7C300x30&msz=1600x-1%7C994x0%7C300x30&ga_vid=741653019.1626986107&ga_sid=1626986109&ga_hid=2068353625&ga_fc=false&fws=644%2C132%2C4&ohw=1600%2C1600%2C1500&btvi=-1%7C-1%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

f388451aa36c362ea03eec3287a0cedc0df4333c57e0d2bdf7e5f44443afdff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
google-lineitem-id: -1,-2,5741566001
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,138356124144
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newschannel5.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0BE9 6 KB
3 KB 47ms
14ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061830

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 22 Jul 2021 20:35:08 GMT
expires: Fri, 22 Jul 2022 20:35:08 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
5 KB 312ms
312ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3181244825074911&correlator=1807062239882544&output=ldjh&impl=fifs&eid=31061788%2C31061830%2C20211866&vrg=2021071501&ptt=17&sc=1&sfv=1-0-38&ecs=20210722&iu_parts=6088%2Cssp.wtvf%2Chome%2Clanding&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C728x90&prev_scp=kw%3DNC5%252CChannel%25205%2520Nashville%252CNashville%2520news%252CNewsChannel%25205%252CWeather%2520in%2520Nashville%252CNashville%2520weather%252CNashville%252C%2520Tennessee%252Cnews%2520in%2520Nashville%252CTennessee%2520news%252CNashville%252C%2520TN%26categories%3Dhomepage%26pt%3Dlanding%252Cfalse%26fname%3Dhome%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C12%26au%3Dhome%252Flanding%26refresh%3D0%26temp%3D80-89%26weather%3Dcloudy%26m_gv%3D60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cgv_arms%252Cgv_death_injury%252Cmoat_unsafe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&cookie_enabled=1&bc=31&abxe=1&lmt=1626986108&dt=1626986108756&dlt=1626986105902&idt=1175&frm=20&biw=1600&bih=1200&oid=3&adxs=70&adys=1584&adks=1496757263&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.newschannel5.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1460x30&msz=1460x30&ga_vid=741653019.1626986107&ga_sid=1626986109&ga_hid=2068353625&ga_fc=false&fws=4&ohw=1500&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

d000d216982e32f55971d00660c4168ae0211bb471c80b6f3b2c17948351e93c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4649
x-xss-protection: 0
google-lineitem-id: 5221840051
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138310725339
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newschannel5.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 91ms
23ms Preflight 18.157.108.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Server: 18.157.108.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-108-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.newschannel5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 22 Jul 2021 20:35:09 GMT
content-length: 0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH

GET
H2 200 moatad.js Show response
z.moatads.com/ewscrippsdfp76939516016/ Frame 5C25 301 KB
102 KB 34ms
33ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061830
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 752e3c3599ebb9cc2bf630faf9a60b49c8c773cf9a92bc5747fd2629f69bf8f3

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:09 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 16:09:38 GMT
server: AmazonS3
x-amz-request-id: XAH6QJCP05RQ3CM4
etag: "3d6395d004feecae3b0425f280b972ab"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=61227
accept-ranges: bytes
content-length: 104416
x-amz-id-2: diFty1GkDvRIdVmhrmWkJocvr54pzvVoTl1U5cxFA7qpfgUKZ8TqVpPZpBj0EpNq++M8sMqy06E=

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame 5C25 29 KB
10 KB 302ms
246ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061830
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82c9a9d618cff7524ed4bd447c2ab28e8135b770ee14267e4dc699d1c3a0d20a

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Zi6SAP3F02lE40PrkD.rE0hX9.xAg1QP
Content-Encoding: gzip
ETag: "57fc0e97a8dfc61ae25824300663d895"
Age: 2705
X-Cache: HIT
Connection: keep-alive
Content-Length: 9175
x-amz-id-2: mAmXn2jeZkuD5HPKmvnT0RnI7ZfPtuvHozjwNLqBNUfNZosbQ1ZK/oWKqq4G9oXGdaQFJeHA/9E=
X-Served-By: cache-fra19182-FRA
Last-Modified: Thu, 08 Jul 2021 04:21:17 GMT
Server: AmazonS3
X-Timer: S1626986109.378361,VS0,VE0
Date: Thu, 22 Jul 2021 20:35:09 GMT
Vary: Accept-Encoding
x-amz-request-id: ADM3626KQD6EPNRV
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 30

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C25 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061830

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cde489cf1c7c60eaa7f52a198c1b13cd33471693178874e6414a3fbf010f2652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626736020213958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:09 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061830

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ae2862c982de5ca8aa7d0b97b493a0561b30a04a6d7ae249ae8f758e7453842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626736025986498"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28059
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:09 GMT

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
236 B 25ms
24ms XHR
application/json 18.157.108.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.108.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-108-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 22 Jul 2021 20:35:09 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 37ms
18ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071501&st=env

Requested by

Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26ad0a9a591350ffe992b322697d12a35fa26186ed27b33d263fd26ceadac541

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8490
x-xss-protection: 0

GET
H3-29 200 container.html Show response
247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AEB0 6 KB
3 KB 23ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061830

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 22 Jul 2021 20:35:08 GMT
expires: Fri, 22 Jul 2022 20:35:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 48ms
24ms Preflight 18.157.108.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Server: 18.157.108.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-108-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.newschannel5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 22 Jul 2021 20:35:09 GMT
content-length: 0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame ED64 29 KB
10 KB 90ms
34ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061830
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82c9a9d618cff7524ed4bd447c2ab28e8135b770ee14267e4dc699d1c3a0d20a

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Zi6SAP3F02lE40PrkD.rE0hX9.xAg1QP
Content-Encoding: gzip
ETag: "57fc0e97a8dfc61ae25824300663d895"
Age: 2705
X-Cache: HIT
Connection: keep-alive
Content-Length: 9175
x-amz-id-2: mAmXn2jeZkuD5HPKmvnT0RnI7ZfPtuvHozjwNLqBNUfNZosbQ1ZK/oWKqq4G9oXGdaQFJeHA/9E=
X-Served-By: cache-fra19126-FRA
Last-Modified: Thu, 08 Jul 2021 04:21:17 GMT
Server: AmazonS3
X-Timer: S1626986109.205955,VS0,VE0
Date: Thu, 22 Jul 2021 20:35:09 GMT
Vary: Accept-Encoding
x-amz-request-id: ADM3626KQD6EPNRV
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 19

GET
H2 200 moatad.js Show response
z.moatads.com/ewscrippsdfp76939516016/ Frame ED64 301 KB
102 KB 30ms
29ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061830
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 752e3c3599ebb9cc2bf630faf9a60b49c8c773cf9a92bc5747fd2629f69bf8f3

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:09 GMT
content-encoding: gzip
last-modified: Thu, 22 Jul 2021 16:09:38 GMT
server: AmazonS3
x-amz-request-id: XAH6QJCP05RQ3CM4
etag: "3d6395d004feecae3b0425f280b972ab"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=61227
accept-ranges: bytes
content-length: 104416
x-amz-id-2: diFty1GkDvRIdVmhrmWkJocvr54pzvVoTl1U5cxFA7qpfgUKZ8TqVpPZpBj0EpNq++M8sMqy06E=

GET
H2 200 8401275438925160713
tpc.googlesyndication.com/simgad/ Frame ED64 47 KB
47 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8401275438925160713

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061830

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b95a070f7a633909b43da2132485e939ce33c032b3149a16afb48e55cee40693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 04:34:08 GMT
x-content-type-options: nosniff
age: 316861
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47930
x-xss-protection: 0
last-modified: Tue, 13 Jul 2021 14:20:04 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 04:34:08 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame ED64 2 KB
2 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061830

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Aug 2021 20:28:12 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED64 124 KB
37 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061830

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cde489cf1c7c60eaa7f52a198c1b13cd33471693178874e6414a3fbf010f2652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626736020213958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame ED64 0
0 14ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-AwdBqfxpxsBI5-ZitElJX1ldZ1m6O595s324-B2ESJ5XzJfuZEpAUMWTf0YJY5ZqV3ABzkrAO_t1VSpuIHCv5DLJww
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061830
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 29ms
28ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=ssp.wtvf&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1626986106486&de=935681096727&rx=130376518058&m=0&ar=29ad59d-clean&iw=738e604&q=1&cb=0&cu=1626986106486&ll=2&lm=0&ln=0&em=0&en=0&d=16839141%3A237842901%3A5250393788%3A138298488418&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.newschannel5.com%2F&id=1&ii=4&gw=crackedscrippsdfpprebidheader262014341684&fd=1&ac=1&it=500&zMoatpage=-&zMoatpos=above%2C11&zMoatpt=landing%2Cfalse&pe=1%3A1028%3A1028%3A3302%3A1049&fs=193224&na=1669813548&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 22 Jul 2021 20:35:09 GMT

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
236 B 24ms
24ms XHR
application/json 18.157.108.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.108.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-108-214.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 22 Jul 2021 20:35:09 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061830

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:09 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5C25 0
0 296ms
296ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssB9SQ-bB3OxJIxHPKPI9XtJZ938HaiBu5hK9THFDB3Vll3NmSrUsADnJ5_Yk5ysH9ZOn_9KCgwXVX_YzrcSAOGLOV_4GpI1SUtS2haez1iPIXPCRqXp2vuhCeCiLfvvGU7AyWB0lsKrP2gIZHFJUdeJSKAA9kpaBa8XWYEuMfu9aTQBSqkE4Y5otzgEuh9JC2Nslwof9HfZSWnTUodeeZNq6lMsJBMVX9X2qIvuM4wK6nhuSYUNDXOI8bm_hGZPfTBx8HMtEx-eyQpNEfH1YsW6X9TOMGYV2Am6A0yNm5TTQskq4LRVrN4wlILP__-NkmT25PV6Q&sai=AMfl-YTj7G4q3a17DAh10oXHdQvfGecgclgiHJm7t-2X1nSV3MFTbiUFaocqCeNDR1xDJW-qgm4bBZWPv2kGk165pVFLeI222W7Bwu-Wgeh6X63D0W3sNjZBEi7NIp9DJulM&sig=Cg0ArKJSzMz-jdY-2SsoEAE&urlfix=1&adurl=

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 22 Jul 2021 20:35:09 GMT

GET
H2 200 unit.js Show response
yummy.consumable.com/8580/cnsmbl-video-970x250/widget/ Frame 5C25 17 KB
4 KB 460ms
402ms Script
application/javascript 13.224.193.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1626986109195
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-19.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0ec451fa90f4cbc9fbfdc6ee48dfb958ba02efc94f0bd68315fe8dc72c44c58

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:10 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 13:24:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"aeba859b56751b9b20d8b5d866a155e7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-id: Mj7a38rM5BpLU0BSKqbu4MOLwFiY-7NYJW5-ICX9aGDp-tPkGlLHnA==

GET
DATA 200
OK truncated
/ Frame 5C25 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cec646637df8edec1d6470b1bda636d8a43102b1c4553c2270998aab34619f04

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame ED64 0
0 225ms
224ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaztdHtYrD9C5UAQbGSD-rRFlOnr_o98WIvvZUerP4104RJZciUt27QtwRIdCWIrwFYBOoNFt_zAR62ixTkkf1KzG0PSZ-YNYwlqo22ixLAZQLPTTESx4Pt55RSgmnIDjXWC_JEmcEv7HZiyZ_IPiwjim-LEEuKC0YA91Mfli4kef77_4FL3aTxO7tLmjhYn_pMJCNcbpF3H6qp77dntz-23VuP5Yrrn3iO1axgkGSPlIqSoo0X-H7ywJL0nzFlE4D8XJFfHM0O4fZ3u_MdVk4IpaEtHnHZLe-3_B7Eqxz6xxHjEOev5ZUG37ljGlfd_PVRgDS-A&sai=AMfl-YQGzidzErM_LnfzUPyttRUijPFwtSK_xOPBliJp_ZMvPMelqUMAnNmgQ2RZ4cYsb4O__GlfWMcM1EhdSIIH1uxOKrqPEgRRXB93v23rFleQzEoyu6Zp6KzXHL51mkIs&sig=Cg0ArKJSzOTc7pZbwdtOEAE&adurl=

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 22 Jul 2021 20:35:09 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame ED64 0
0 58ms
58ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbmceFBer2HESkRnE8hfJfU18gfaA4UJgy2imaoaWUG1FWQUTrixS4RCqbnRTCT_8a9IYsRaH4I4KWpfeBocYxZCl_jTrErvvixJ4faFFCFZLXxZx73KyrvwlTQe7Uv36c_TGFTWp_tWRBltQsJwtdZKrdc-Z_4FCsp_iIe0_VA_KubgNA9jkyyLAM204-5eRC-689gQsPrRtqKtBrCYYtt10lb64ct-r4XxnqXCWnxH_lchHP2lqh8bF27xwX6BrMuo4Avl5uujTKTJtOlQHXNNoXcnTLCJxDk8OPaN7dCjMtUcUGbuAYXtD3RDObUieSHawSiHr4&sai=AMfl-YTJl43UO4lUpL43B1ie5APwZQKZcMsYjYyggyQXO5eXuQP3I895xwOJkVOUjb-cHXXGkPNH15hJDTTPgsuR_aDlUTxge8yo7nAy6-2BSEEmBj9iHpETa6pw4SVxyePU&sig=Cg0ArKJSzKtNRxZ6oa6VEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 22 Jul 2021 20:35:09 GMT

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame AEB0 29 KB
10 KB 25ms
25ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
URL: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82c9a9d618cff7524ed4bd447c2ab28e8135b770ee14267e4dc699d1c3a0d20a

Request headers

Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Zi6SAP3F02lE40PrkD.rE0hX9.xAg1QP
Content-Encoding: gzip
ETag: "57fc0e97a8dfc61ae25824300663d895"
Age: 2706
X-Cache: HIT
Connection: keep-alive
Content-Length: 9175
x-amz-id-2: mAmXn2jeZkuD5HPKmvnT0RnI7ZfPtuvHozjwNLqBNUfNZosbQ1ZK/oWKqq4G9oXGdaQFJeHA/9E=
X-Served-By: cache-fra19126-FRA
Last-Modified: Thu, 08 Jul 2021 04:21:17 GMT
Server: AmazonS3
X-Timer: S1626986109.332412,VS0,VE0
Date: Thu, 22 Jul 2021 20:35:09 GMT
Vary: Accept-Encoding
x-amz-request-id: ADM3626KQD6EPNRV
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 20

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1BB7 624 B
594 B 17ms
17ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNXNdMPG1Lyh8lS8tS1llqxdMegBwU4sGs_g_FyfnSs1Wuc9390iPhzOVoXSqR9XCV0oCn5aQjDi4f67EGgncGYu4OJlysUBbo9oaObXZAM0PoBlaDS6d8BvhV-jki_m7rUeJ0XZ32D7Dld8HvpzrwpcABVKyo0aZffE_5l1yoRWmqvUsrE

Requested by

Host: 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
URL: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNXNdMPG1Lyh8lS8tS1llqxdMegBwU4sGs_g_FyfnSs1Wuc9390iPhzOVoXSqR9XCV0oCn5aQjDi4f67EGgncGYu4OJlysUBbo9oaObXZAM0PoBlaDS6d8BvhV-jki_m7rUeJ0XZ32D7Dld8HvpzrwpcABVKyo0aZffE_5l1yoRWmqvUsrE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 22 Jul 2021 20:35:09 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUnwSy7QQDOjEHVArz84QJZt4uyU-vHKJzPJQEFu91OKBRzTBgePvfGToIWZ; expires=Tue, 16-Aug-2022 20:35:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 22 Jul 2021 20:35:09 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AEB0 24 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6WX70W5Hyb4n4o16x_Jplw9y9o-4vUe7aKqc8b7lmaY3fi0SDbS1tPhtym6lTY9m0ewasg7XVaiBduzdKB_uObZX46TYvEk4v9dxu4Lkj4BHje0vmLBLtKYilw458p2HC4bmLXGDW0rhkNTrxl6NawQc_qw&cry=1&dbm_d=AKAmf-BkEaEZL0E2z2xpo6iGa-6sv9XUdWnZR1laOI6xXBoGzoaG-V1VNQ7Jf80zElXAM53_otKy0UIJmxCpSJzDIm4-Hh2yPDnjPKP51_Z-LCuwuY6ZgPOn4kVtftsYvkrm1rgGZRgvQGD4A-361JXxWL_DI5LLrhlm1sxAeBx2GCDuKxA5g31ozG0F5Oij0TK0OCmwicfFSWm9qVgj7Az3DytfGxGWiZIwJmxyWnqCWGSwJK8mhrBgsi--usmYQG_flepwibA9OO_OkevghRREvKtoeMfGcrXIu99S-hYHOeuKQAN5HD1eb8A1a_5OYsq_L0Hi1pAn6ntXfFrlSgTDE1Rj5fpXO25H6N6hKfLSVKMxABNn_3SGUjxAwls431I6rOwkBBZseUasRXUSDDvBOWsivfJvsw_Zg0Tu8OEHyv5B1L99mE5SV6AKhiS3P653emdQpWeQkG-UEZis1LZLcyzbrmaib2lLNTdc9BlCQcw4rughc8XgaHgRPmagbA9DfeadkdiUDa9-YoiHKS_bA1Ob_jFQMe86Qd_DELOnbrFpszwBS9Qk2li4aplVuetzCMiwNgrG5reIlDJS66k9CwIMyc4uXEbiwdfN5z4_25v0koL9RVXB1PuF15l-FjpQ1K2zO3-zaJISQfzmTBDSd4hsG8OJ46Sl9ZSU7ic_nDT3olsZwrnQ_nwOhXDHrVIdQgUfud7ldu-VLX6MZlJM7D1TflN_RxFv5IfGoTUmJ3V2HVK62Hzird-lMa4Z4azXNGwkfUeJ0H47tJDssEvTtQ1N4J0NhFST86KdtmLBcrxr6KjBwtlW5d6ZYLHzYb98iJ7n8abiEplMFZg1iv98ndv8iYaQFXMXjYpLzRIIwKf_bhmU4IDBPWifmWzwr4iXg0GaV0ptygb4DKH3Chflk6Nl9wQnMxECZpRDZLZx0sSKzAE7vlcgEPtVhDhuvVFyGQPWsUkQ9jkasJsYs0i6dmsgc5xCVApLOKqVR1eFFNoNhaREYQYlCNHVJUR_Km88g1gMKldseXvHWUz0G6A6gmS91_OcKIr0gSv1kJ8wF2xz7L4uid-RZiU7VQsdoma2t6bnAzSs-v4DpEXMiRvurhDnJQqX_pZp3EsenxOx92P1F0LKU-SPXsv6XTUHBjrD_LFUnkS4ugDgToueaarubs0QE9vVl6W85QyehY7M12osciw6kCTBdeQGpx_UYPNsT5cqNAN8zHk1r617ryszqkRYHofBpAjgPWolGpkEJxJgUuzZkCLGHW0mNr3cIP1jXSEonycV4MQl8iczK6YSZDv-XOta9lP0sj_UpCPtnb9ANcHKpddrWWomO_o1LUM-ABi3FDUtQxDdHC7iq1wCjcCOvtA4h1FjIr8tsSDTu4NGVOzQg11B06Oyoz7q4MJif0-Mj4edZl2-K0p_jsmEgbTbkE9UufQp5RUa2I5MyimC5OEDg-xdVzgdAsnDO0HwMengM7TRJmuh8owvDRrk49Q1qRuoAspH_SPDftIrFZZYjyoZ61VM1JaWd23Gy2p5O1u7C_3FEj5523zoagAoidUVng4q6i83Ka1b2PXKVrTSDshXOxDFEg0qsLKO8Assk_JEg7rj2DcK-2qDByIk9gcRnHLmc1NzcZ4fSQqp76Zy0-njcxQMSCVxU1EAHnoCuJh3BnVQMdLtaUao8GqQQZbbreFEFGja-e1AuWp9GQpmyUPIoSzWk7C0PUsCo03iv1uN_GtDYCW0hzVcQXDQO56ye6bjGJ8eCsABrKD4-xxS8xLBOxUu-FSGtDIh1gMLgvAj4U3-VfQOa_-3qCptP4Fyb7P0fbqEQ4yzZEF6XIQ8cVp5LPCAuW36Pd8EkuSiiIK9rsvp8kithAPRrUPyUfyiEfMY4RRHN4Etq0rmIe5d5BKiFX73zdghdqS3WNO8j2yJrjTwEs-T_B4arOHCCpOy3NAD0uzaQy3LOUzfE9vIYWnH5R8QVsSWrbDgIYUMuh2jjjZ0mT2vcoPUWrzT4LuajVuoGKM6o_qV8NMNWa6TwQUSV-fpLDgYbr2lFIEVHFgVwgq_xtpDBGneyb2pI7esSSJNiql0qRnIQQAiud0B0ReeAyTczqv_k9mHW2IlgAGPobHfS6QZ3myexeb8-HR7W4jZ1uT0fqPGgZRBvrDhGXVqCP3QtX7sXBHLdAm0VTynalCj_jj1BxreyjcSXuP9iUS-OBZjFOHolop6d0zR-BGLvaVfrdf4p8W8PG5h8jZqxKMxhZIqz20RNi0KViS3oLjA_hrGhIFXafI5IjaIyLdLe74pR34zOsUWU3wfGJ1AkeX7da_P0nXXKLtQXioNhpTYZLYjWfTF5S69z-n-ZlazfCh-0TVICybWklE-g2DgkLZFiIi0UNR8SxkO426hadDIRX-TMQM7pfSgMFWwr50pgVoaaFEmw1FVVIfsvNHDwDMBfb26JsjAjDFxxpmAg14YfOuh-AQr72VOcGU0atFzkzfN0A2vp6dka-6nAajl49BGoLbhS8vrsrlEU7Z20x7jEXBmWIlZIc-p6qdHm0ukquLV25QMW_BLEkZrX2MAqx7neJVgLRY8tqwaUNPkf3bYay32eYm6cCCLwdNJoWqX3MRBRMzPBNTSLH6ISYZcJJl8a6f9y6kChR5KmG2pIpVTBRkutD83zpTZzett-96CVsFF9Xx-vOidysjwFHv8esX-MT7IJZ_JZzYK7omRdtmoECWD8XXmlWtMnrxmAITKouoNkp6Xx_6RooAH4w_N_yatBU4a_eKpyc3ffdF-m3XyNGIYuCVdi91v4D3XKWFMXJ6JFkdKEKPmS5CQB5DWKE9ZODvBAIg3KquruYCA0b9JBaK4zIAfzqWB-9NGX0W8Gr15rFLtfBckVay3NBjvTuJ2PUmofwom36zM42m-g6qVh_cxd1zAdWY2u7l3j6W9leubHGMx_9dbTNVVTB672fU1LqFoxkyfDSO_VUNli0Z6odrAgLJ4KoNa6uZMZ3qK23Qhni3uq9eVKQsXieCK8zxfh6vi7ha8a2cT4LaXj1erptHPs_qj83Dp-WFbpOxVObWl2iW-P9l-RxAp1E0uzJyZfnw7vfNQrtVR--bE8WVlBtiwW1o4esIyWWhEspSmAkCpZJKz3gFrL1m81kw57S8fVOq1PENAlN344N11HwL2V4CWr_J-on9qAMo_--UqCZcIlpWNbQdpAT07cyQUVGw6&cid=CAASFeRoo5DoZlpqbwYlWE2h_5DVvLXa1w&rfl=1%2Chttps%253A%252F%252Fwww.newschannel5.com%252F%240

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e6d4fba5c1ec0fcb994635bf90528b8bc8f8e068bb5309532fefb10e6fc87b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12824
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AEB0 42 B
63 B 48ms
46ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cwx5gCNQNlxVaIZX5q_YMBP54VEEoD7xg5UUccEEokyvMAdrnjiMnbzp_y9Oc386GUMkLVYRsL7YAXKFuK3vQq-0ULJyyFZQUajO_CjERCghNXfJw

Requested by

Host: 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
URL: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame AEB0 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js

Requested by

Host: 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
URL: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Aug 2021 20:28:12 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AEB0 124 KB
37 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
URL: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cde489cf1c7c60eaa7f52a198c1b13cd33471693178874e6414a3fbf010f2652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:09 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626736020213958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:09 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame AEB0 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
URL: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 10716856519410487149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Aug 2021 20:31:13 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame AEB0 0
0 21ms
20ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT86ND4GcadfhT_RzJS36ELoeNff63Z9Kt-KBlOHDZQd3nnJL21DM49wLlMZb6W5QgEzg8d4Ma-29tSbV22TeGZv-FhKw
Requested by: Host: 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
URL: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame ED64 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb7927e7c49a221c2a3d65e082514bdb2dd16a1b19383863bf0f78e174b57e99

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame ED64 42 B
132 B 346ms
116ms Image
image/gif 3.21.254.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=122373&referer=https://www.newschannel5.com/
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.21.254.38 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-21-254-38.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:09 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3769 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 22 Jul 2021 19:34:44 GMT
expires: Fri, 22 Jul 2022 19:34:44 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7732 783 B
531 B 16ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

284fab6a2838aa49b6806fadf67d3e8e4f82b6b0f0d474363dfbf8e1a48f52b6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lSbFhDkVkQyHJtEUR/pNuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

expires: Thu, 22 Jul 2021 20:35:09 GMT
date: Thu, 22 Jul 2021 20:35:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-lSbFhDkVkQyHJtEUR/pNuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
BLOB 200
OK 5c4fcfab-d2a8-42ae-9d97-fa9011df9de9
https://www.newschannel5.com/ Frame ED64 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newschannel5.com/5c4fcfab-d2a8-42ae-9d97-fa9011df9de9
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 785feac29ca49a8578ef880c201e269990a0a95a9d4de72503191cba3694a0e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 1590
Content-Type: application/javascript

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame AEB0 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A6WX70W5Hyb4n4o16x_Jplw9y9o-4vUe7aKqc8b7lmaY3fi0SDbS1tPhtym6lTY9m0ewasg7XVaiBduzdKB_uObZX46TYvEk4v9dxu4Lkj4BHje0vmLBLtKYilw458p2HC4bmLXGDW0rhkNTrxl6NawQc_qw&cry=1&dbm_d=AKAmf-BkEaEZL0E2z2xpo6iGa-6sv9XUdWnZR1laOI6xXBoGzoaG-V1VNQ7Jf80zElXAM53_otKy0UIJmxCpSJzDIm4-Hh2yPDnjPKP51_Z-LCuwuY6ZgPOn4kVtftsYvkrm1rgGZRgvQGD4A-361JXxWL_DI5LLrhlm1sxAeBx2GCDuKxA5g31ozG0F5Oij0TK0OCmwicfFSWm9qVgj7Az3DytfGxGWiZIwJmxyWnqCWGSwJK8mhrBgsi--usmYQG_flepwibA9OO_OkevghRREvKtoeMfGcrXIu99S-hYHOeuKQAN5HD1eb8A1a_5OYsq_L0Hi1pAn6ntXfFrlSgTDE1Rj5fpXO25H6N6hKfLSVKMxABNn_3SGUjxAwls431I6rOwkBBZseUasRXUSDDvBOWsivfJvsw_Zg0Tu8OEHyv5B1L99mE5SV6AKhiS3P653emdQpWeQkG-UEZis1LZLcyzbrmaib2lLNTdc9BlCQcw4rughc8XgaHgRPmagbA9DfeadkdiUDa9-YoiHKS_bA1Ob_jFQMe86Qd_DELOnbrFpszwBS9Qk2li4aplVuetzCMiwNgrG5reIlDJS66k9CwIMyc4uXEbiwdfN5z4_25v0koL9RVXB1PuF15l-FjpQ1K2zO3-zaJISQfzmTBDSd4hsG8OJ46Sl9ZSU7ic_nDT3olsZwrnQ_nwOhXDHrVIdQgUfud7ldu-VLX6MZlJM7D1TflN_RxFv5IfGoTUmJ3V2HVK62Hzird-lMa4Z4azXNGwkfUeJ0H47tJDssEvTtQ1N4J0NhFST86KdtmLBcrxr6KjBwtlW5d6ZYLHzYb98iJ7n8abiEplMFZg1iv98ndv8iYaQFXMXjYpLzRIIwKf_bhmU4IDBPWifmWzwr4iXg0GaV0ptygb4DKH3Chflk6Nl9wQnMxECZpRDZLZx0sSKzAE7vlcgEPtVhDhuvVFyGQPWsUkQ9jkasJsYs0i6dmsgc5xCVApLOKqVR1eFFNoNhaREYQYlCNHVJUR_Km88g1gMKldseXvHWUz0G6A6gmS91_OcKIr0gSv1kJ8wF2xz7L4uid-RZiU7VQsdoma2t6bnAzSs-v4DpEXMiRvurhDnJQqX_pZp3EsenxOx92P1F0LKU-SPXsv6XTUHBjrD_LFUnkS4ugDgToueaarubs0QE9vVl6W85QyehY7M12osciw6kCTBdeQGpx_UYPNsT5cqNAN8zHk1r617ryszqkRYHofBpAjgPWolGpkEJxJgUuzZkCLGHW0mNr3cIP1jXSEonycV4MQl8iczK6YSZDv-XOta9lP0sj_UpCPtnb9ANcHKpddrWWomO_o1LUM-ABi3FDUtQxDdHC7iq1wCjcCOvtA4h1FjIr8tsSDTu4NGVOzQg11B06Oyoz7q4MJif0-Mj4edZl2-K0p_jsmEgbTbkE9UufQp5RUa2I5MyimC5OEDg-xdVzgdAsnDO0HwMengM7TRJmuh8owvDRrk49Q1qRuoAspH_SPDftIrFZZYjyoZ61VM1JaWd23Gy2p5O1u7C_3FEj5523zoagAoidUVng4q6i83Ka1b2PXKVrTSDshXOxDFEg0qsLKO8Assk_JEg7rj2DcK-2qDByIk9gcRnHLmc1NzcZ4fSQqp76Zy0-njcxQMSCVxU1EAHnoCuJh3BnVQMdLtaUao8GqQQZbbreFEFGja-e1AuWp9GQpmyUPIoSzWk7C0PUsCo03iv1uN_GtDYCW0hzVcQXDQO56ye6bjGJ8eCsABrKD4-xxS8xLBOxUu-FSGtDIh1gMLgvAj4U3-VfQOa_-3qCptP4Fyb7P0fbqEQ4yzZEF6XIQ8cVp5LPCAuW36Pd8EkuSiiIK9rsvp8kithAPRrUPyUfyiEfMY4RRHN4Etq0rmIe5d5BKiFX73zdghdqS3WNO8j2yJrjTwEs-T_B4arOHCCpOy3NAD0uzaQy3LOUzfE9vIYWnH5R8QVsSWrbDgIYUMuh2jjjZ0mT2vcoPUWrzT4LuajVuoGKM6o_qV8NMNWa6TwQUSV-fpLDgYbr2lFIEVHFgVwgq_xtpDBGneyb2pI7esSSJNiql0qRnIQQAiud0B0ReeAyTczqv_k9mHW2IlgAGPobHfS6QZ3myexeb8-HR7W4jZ1uT0fqPGgZRBvrDhGXVqCP3QtX7sXBHLdAm0VTynalCj_jj1BxreyjcSXuP9iUS-OBZjFOHolop6d0zR-BGLvaVfrdf4p8W8PG5h8jZqxKMxhZIqz20RNi0KViS3oLjA_hrGhIFXafI5IjaIyLdLe74pR34zOsUWU3wfGJ1AkeX7da_P0nXXKLtQXioNhpTYZLYjWfTF5S69z-n-ZlazfCh-0TVICybWklE-g2DgkLZFiIi0UNR8SxkO426hadDIRX-TMQM7pfSgMFWwr50pgVoaaFEmw1FVVIfsvNHDwDMBfb26JsjAjDFxxpmAg14YfOuh-AQr72VOcGU0atFzkzfN0A2vp6dka-6nAajl49BGoLbhS8vrsrlEU7Z20x7jEXBmWIlZIc-p6qdHm0ukquLV25QMW_BLEkZrX2MAqx7neJVgLRY8tqwaUNPkf3bYay32eYm6cCCLwdNJoWqX3MRBRMzPBNTSLH6ISYZcJJl8a6f9y6kChR5KmG2pIpVTBRkutD83zpTZzett-96CVsFF9Xx-vOidysjwFHv8esX-MT7IJZ_JZzYK7omRdtmoECWD8XXmlWtMnrxmAITKouoNkp6Xx_6RooAH4w_N_yatBU4a_eKpyc3ffdF-m3XyNGIYuCVdi91v4D3XKWFMXJ6JFkdKEKPmS5CQB5DWKE9ZODvBAIg3KquruYCA0b9JBaK4zIAfzqWB-9NGX0W8Gr15rFLtfBckVay3NBjvTuJ2PUmofwom36zM42m-g6qVh_cxd1zAdWY2u7l3j6W9leubHGMx_9dbTNVVTB672fU1LqFoxkyfDSO_VUNli0Z6odrAgLJ4KoNa6uZMZ3qK23Qhni3uq9eVKQsXieCK8zxfh6vi7ha8a2cT4LaXj1erptHPs_qj83Dp-WFbpOxVObWl2iW-P9l-RxAp1E0uzJyZfnw7vfNQrtVR--bE8WVlBtiwW1o4esIyWWhEspSmAkCpZJKz3gFrL1m81kw57S8fVOq1PENAlN344N11HwL2V4CWr_J-on9qAMo_--UqCZcIlpWNbQdpAT07cyQUVGw6&cid=CAASFeRoo5DoZlpqbwYlWE2h_5DVvLXa1w&rfl=1%2Chttps%253A%252F%252Fwww.newschannel5.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9349
x-xss-protection: 0
server: cafe
etag: 11779355884012761328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Aug 2021 20:29:03 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AEB0 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 00:44:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71460
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jul 2022 00:44:09 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1BB7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHwXfk7bPoT-ViP1usPcGeM&google_cver=1

43 B
1014 B

88ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHwXfk7bPoT-ViP1usPcGeM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNXNdMPG1Lyh8lS8tS1llqxdMegBwU4sGs_g_FyfnSs1Wuc9390iPhzOVoXSqR9XCV0oCn5aQjDi4f67EGgncGYu4OJlysUBbo9oaObXZAM0PoBlaDS6d8BvhV-jki_m7rUeJ0XZ32D7Dld8HvpzrwpcABVKyo0aZffE_5l1yoRWmqvUsrE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:09 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 22 Jul 2021 20:35:09 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHwXfk7bPoT-ViP1usPcGeM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1BB7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPnWffjI-0-BuMUFOiiy6gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpWpxwJbbpkaNTqzi3awDg&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpWpxwJbbpkaNTqzi3awDg&google_cver=1&C=1

43 B
1014 B

35ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpWpxwJbbpkaNTqzi3awDg&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNXNdMPG1Lyh8lS8tS1llqxdMegBwU4sGs_g_FyfnSs1Wuc9390iPhzOVoXSqR9XCV0oCn5aQjDi4f67EGgncGYu4OJlysUBbo9oaObXZAM0PoBlaDS6d8BvhV-jki_m7rUeJ0XZ32D7Dld8HvpzrwpcABVKyo0aZffE_5l1yoRWmqvUsrE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:09 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 22 Jul 2021 20:35:09 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDpWpxwJbbpkaNTqzi3awDg&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 22 Jul 2021 20:35:09 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1BB7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGVt0THsrn_DCAr_yvOBdrc&google_cver=1

43 B
1006 B

62ms
62ms

Image
image/gif

185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGVt0THsrn_DCAr_yvOBdrc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYw6SRLzAB&v=APEucNXNdMPG1Lyh8lS8tS1llqxdMegBwU4sGs_g_FyfnSs1Wuc9390iPhzOVoXSqR9XCV0oCn5aQjDi4f67EGgncGYu4OJlysUBbo9oaObXZAM0PoBlaDS6d8BvhV-jki_m7rUeJ0XZ32D7Dld8HvpzrwpcABVKyo0aZffE_5l1yoRWmqvUsrE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:09 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c2ee2598-2d6b-43cd-8027-e46d96d7b4a9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGVt0THsrn_DCAr_yvOBdrc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1BB7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI3MDAwNDY5MDM3ODkxMzg1NQ%3D%3D

170 B
243 B

40ms
39ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI3MDAwNDY5MDM3ODkxMzg1NQ%3D%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:09 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b2148dd7-538a-401b-aca7-c7589267a74a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI3MDAwNDY5MDM3ODkxMzg1NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame 5C25 42 B
133 B 272ms
114ms Image
image/gif 3.21.254.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=646823&referer=https://www.newschannel5.com/
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.21.254.38 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-21-254-38.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:09 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
BLOB 200
OK 372a1804-81db-485b-91a4-ffb4ef0b3f80
https://www.newschannel5.com/ Frame 5C25 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newschannel5.com/372a1804-81db-485b-91a4-ffb4ef0b3f80
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 785feac29ca49a8578ef880c201e269990a0a95a9d4de72503191cba3694a0e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 1590
Content-Type: application/javascript

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E32F 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 22 Jul 2021 00:44:09 GMT
expires: Fri, 22 Jul 2022 00:44:09 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 71460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dfkx1snbhmf9 Show response
hal9000.redintelligence.net/zone/ Frame AEB0 11 KB
4 KB 1124ms
55ms Script
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/dfkx1snbhmf9?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCosm6fNb5YOayMIvE-gauwL3gA7v6hIpXn8Oo5tEK8C4QASDmlIUYYLn4x4DcAcgBCakCBWVFw1PHsz6oAwGqBPMBT9CQDF_zGqWAcBRuOG27XsHwGT81W6DhxomKgEta0vO_UEoU8YQlCsqkMrDH0VYEwTJehVkUY6UpuvQxV3MTf1ACS2KX_5DMDNaxH0KwJi_hXPzJx1O4GYWJ6in7dX1-eHfjDamoIUyECKxMOy80sfgDDu_zHQWgz6_ht-7RwAH0FEzdn9YmIDouwF5ErEScqufnB9elQTop30mjrBYSQpdIVF-zbLaAjp2VLSq5snsIqfR2XMl5kfaK2wRdeUvk9djXQ8-qQyNm7q8MiGmwJi15YASLVospT6O9ZOFeXzxor1HKiHRHJi5LS8kt4n9u5pt9wASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoo5DoZlpqbwYlWE2h_5DVvLXa1w%26sig%3DAOD64_3r2puR48aMfz_dYB6uILjo7-37aQ%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-B1wlKu4K8RsE5HTGEBXjD0XCsk_G60_MLihXXLvdWmfdcImT6pZNXLNePjtXa0hNDBanbR_mKo0afCH6ODaBcFxs0QuxWYq6cV-4NyOXHV2xK8H6M_ZniKBiN8MX1Y0ci90BGsPole56DDJ5yRQFhHrLgzvA%26cry%3D1%26dbm_d%3DAKAmf-AtYMF7ndKhvfJez_H_62A9_ECZbLMmFHe46Xd6JAU3h6E6VkT5m_-_ubJ1iCJUFvM3MnBmuM6_fME8BpQgnr1vSZFu30GWMGtcwasir4rcbg--0bNx-2ms3F0JpFs1KisYjSZSMWeZU0R7ZysSVn-n5hGzvqd-ZlbOVhre2CfxrUK-Z0hAVH12qjU9UmoCDVCemzp1-eNjt6wjL3M43v-2FqCWIJp0RmmHUWFGlk0_Nkj9x7Yjpg3US4xFtZQubvWNmMKIrBvg16yt4RAxIO3AR77kCXpYrsB_-t30o6E6zbGNM3DVaiPgWm3HsAff2z3mL6le54SjmnAC5TxoXTaclraNKcBxeXCmPP4ORYrhU1yyCjrCc5Y2ikqIMwxiqCjvH18lBgLqgtHjkJvedMeYLmepvm5DE3KDvIKdzSnmEMycwDpd2Dl0tmUxG3vjNVwJHu5h%26adurl%3D
Requested by: Host: 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
URL: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: abbcea624e983f15d50f37217c40f6d4b7b049aee7122b572ef6d7e040286e8f

Request headers

Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:10 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3917
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3-29 200 K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3769 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2baf631fc505ace0a43931c797734915f09aebca45f01a7b3308ec9f2a65a317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 16:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13214
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 16:31:01 GMT

GET
H3-29 200 K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js Show response
pagead2.googlesyndication.com/bg/ Frame E32F 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2baf631fc505ace0a43931c797734915f09aebca45f01a7b3308ec9f2a65a317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 16:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13214
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 16:31:01 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 32ms
31ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=ssp.wtvf&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2F247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-2RhMh0IJ33cxUahFibJNuf8fWh6NxOl9R0RB2436S0SxzRsAfXjmhYeX&sc=1&os=1-Pw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.newschannel5.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C11&zMoatpt=landing%2Cfalse&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.newschannel5.com%2F&id=1&ii=4&f=0&j=&t=1626986106486&de=935681096727&rx=130376518058&cu=1626986106486&m=3169&ar=29ad59d-clean&iw=738e604&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=16432&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1028%3A1028%3A3302%3A1049&as=0&ag=53&an=0&gf=53&gg=0&ix=53&ic=53&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=53&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=106&cd=0&ah=106&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=193224&na=455088262&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 22 Jul 2021 20:35:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 80BA 6 KB
774 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,800

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1626986109195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5d120e4c9518f2c174f25a66be07ad20486f24114fa06f88bb736db5519c9678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 20:20:34 GMT
server: ESF
date: Thu, 22 Jul 2021 20:35:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Jul 2021 20:35:09 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 80BA 71 KB
24 KB 31ms
30ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1626986109195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

53be3647fbf2ee02da05b009aa8c27abd53bae6d8e848937a7f185f36768eff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "937 / 280 of 1000 / last-modified: 1626952271"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24845
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:09 GMT

GET
H2 200 cool-by-consumable-2.svg
yummy.consumable.com/8580/cnsmbl-video-970x250/img/ Frame 80BA 6 KB
3 KB 25ms
25ms Image
image/svg+xml 13.224.193.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/img/cool-by-consumable-2.svg
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1626986109195
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-19.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6aa3fcf04d6a362c2a082cd482606251de0e0129861145fca91cbdd3121af86

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:09 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 13:24:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"f7152d7a85b77d8f0ddc9786ef9cc0b3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-id: jb35zQ3mxz2BqzlfQq_aWmkZ8FuVPHKylvdAl1FrECEzUl7rdGPajg==

GET
H2 200 brid.min.js Show response
services.brid.tv/player/build/ Frame 80BA 284 KB
78 KB 88ms
31ms Script
application/javascript 13.226.145.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/player/build/brid.min.js
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1626986109195
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f501f0dc7902362b7eadb932b3e02a67b2c37fee0b95dff75bb34f311ada35c

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:26:13 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 10:17:54 GMT
server: AmazonS3
age: 598
etag: W/"f8be98ed87d3c143dd2d75cc4a30a700"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
cache-control: max-age=1200, public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: ifNGMW38ZAaPh6N8eeUAxlLLFM_F0WSqKKudgLz_o4tkosQyuse_sg==

GET
H3-29 200 pubads_impl_2021071501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 80BA 329 KB
115 KB 30ms
30ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

7ba1eee9803f9929376700a8065001dbda71dc890a08e3d6b50c851de0e927ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 08:37:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117198
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:09 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ Frame 80BA 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.newschannel5.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 80BA 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newschannel5.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 80BA 8 KB
5 KB 250ms
249ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1872048134643675&correlator=948325067448389&output=ldjh&impl=fifs&eid=31061423%2C31061848%2C20211866&vrg=2021071501&ptt=17&sc=1&sfv=1-0-38&ecs=20210722&iu_parts=133810016%2CCompanion_units%2Cscripps-8766-cnsmbl-container-300x250-ads-dr-d-companion&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie_enabled=1&cdm=www.newschannel5.com&bc=31&abxe=1&lmt=1626986109&dt=1626986109874&dlt=1626986109687&idt=163&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=985&adys=1598&adks=1279007740&ucis=g80bx27ps9r&ifi=1&ifk=3883139631&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.newschannel5.com%2F&top=https%3A%2F%2Fwww.newschannel5.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=548592405.1626986110&ga_sid=1626986110&ga_hid=728033651&ga_fc=false&fws=260&ohw=300&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

1ed11343d12c0970cdd50d56bd0826805603af5c08cabba4ac5b3603bc65b689

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4646
x-xss-protection: 0
google-lineitem-id: 5345365560
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138308527878
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newschannel5.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
753091575b14af33e0d324c1154665d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4F4C 6 KB
3 KB 46ms
13ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://753091575b14af33e0d324c1154665d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 753091575b14af33e0d324c1154665d7.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 22 Jul 2021 20:35:09 GMT
expires: Fri, 22 Jul 2022 20:35:09 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adunit.js Show response
services.brid.tv/player/build/plugins/ Frame 80BA 30 B
423 B 26ms
26ms Script
application/javascript 13.226.145.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/player/build/plugins/adunit.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c25c4e240bd28a308851f487711c88680072496bf9865fb73a258dff5ca3fd9

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 15:20:30 GMT
content-encoding: gzip
last-modified: Wed, 06 Jun 2018 07:10:50 GMT
server: AmazonS3
age: 31478
etag: "00472f99064e3d4328bd208da8c0b958"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 50
x-amz-cf-id: rUOQSUhISmKYPGNIweYj-MynfmN0HBHkKCln5b0Rl2gCzYI5mIASXw==

GET
H2 200 consumable.min.js Show response
services.brid.tv/custom/ Frame 80BA 2 KB
3 KB 30ms
29ms Script
application/javascript 13.226.145.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/custom/consumable.min.js
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1626986109195
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e160fa87d6a461066b724fb344a26dddce1f71b15eac09bd7215c5e13e9386bb

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 08:01:31 GMT
via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
last-modified: Tue, 18 May 2021 10:16:03 GMT
server: AmazonS3
age: 45219
etag: "73e17e89dd91e3d42005f1cd54f03a2f"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 2362
x-amz-cf-id: C3z6NhKAjRPhJO9XaFlIKF97e0RKZ91pp-o3yXRV9sllFKYDxi3BSw==

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 42ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071501&jk=3181244825074911&bg=!e3ileDzNAAbnC78O5ws7ACkAdvg8WjPNG74Kh1PQ2UH5NzdvRSwvWxbYHSECE-jHcAOCPOaz6LbS-AIAAAEvUgAAAEloAQeZAnHgf4iLRJe_BNZfUoN1F0cpHBbrZOfkIRut6lVoealoQmADa8VH4oSqTpPv4TpPOEWUuBu8pdSWa6T8jsuEGsYkdlwZCeme28ig-al0pdj-Gh01kcq-d-MdC0gOdLFYs5U8TkEAuWHmiuGvH9YNMCWCRAKA1OryK2ZTTn9qFvn6qpN0gLmxZH1Qy-vHaSoHeOqhRCjT7Aj71B_Pplbay_vV7FNuEONdakWy3vt29GOMPILWIqB5_FhFQh61Pp81qwI1vfyqZQ9BZinoCEpGfocKjWCpYjTf5vtPj3vndqxr6P4Ja43bwdWEySSdE2GpMIlbSZz826KQ1ZFPkxNeVAL3ImsYb18BbQqKSDFmyv3S1Q2n3Rpn0GvUtL0vx1BNkjCJvekqGp53IVg-4yr0q4a5Yrq4wrt9SYiaU04RJAXHc6J2EKFxSnwiEKHce2ILcHezTRAcFL0WidcayXOOrFtDvCcGlnk_Dx2XF6fXWsppaCmfHsMcxzwYGhHUp3OEQPBVsfW2JrzUtABvQdDnUBWD0uftrxbKCz62jYASYRQQCSTIUuPSNRbbu-NDbRjrI2miuD6uQoXi14hZ9SdIJ6n4EbH1TL29qAVuj44RAk7zIcRDd88VVSmIQYMJWZLaEB-cFyobzZaAb6TvrUEiiCzKp8lM0_caVg7Gr_S86Byg9oiyEGz5Mac22JhMj7dyB2h3AzK0coNGiLXlrFbuezFrR7BMso528XB13MH93QOtPuQXcQzziAg0i4jL-JKCKzVz57Hbi3NXAzg0_r_OGVBMI-ixpS7Bg5ygnSdPSZAkQhUbOIfyiQZ-mkrGwU0DTSZK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E32F 0
56 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXBvRfdb5YIHbFIKM7gPonYWQDwAAAAA4AeAEAg&bg=!xcalxoLNAAbnC78O5ws7ACkAdvg8Wv3lTqd7n4873Q4yzsYbLQ4G3SJLlahThfDsJmzb3tGrLbVC1gIAAAE0UgAAACFoAQcKAIJIRt_E6D6DRB4qKXDQ7-p_c0ks-j1BOwCDDDAGfj-APTJl9FM5DiT2vSckBAlZhVpn9lD60qIIdXuoRMI7-OvVHDfKuSsDf0mmzOTg6fQh7Q5WIULR3bPqkx8SyzvS_JJiamwxCvqN9iMm4aYP07CGFjG8QgnuKUCjv1CA2HYO-R2cmQLEkGoz5PxrCxRzF890660AfUylrxWrm1GkHlfLiFGjhRmsMp8scHCMS_UCnqI1SKqGh4t3LiB3ziXGPNfkb2NgLe3yUhI8bxKGZQHVu6dklbv_5bYLpx-AZbWTWouqRVWxYrAGWMCkScoGC1Ed1veptGQR_nvaohIkf272Z1B5W1Iq8f2wwmJU6auM-dq10J0S--e-rMjwW_maR6QsYIVuZOG-O0D-aZZiUGWtIe8pzU5De12KdZ5b-AOs6EYSerGJFFCORNOfUgg12K2p5Bf5G39X961101WhrUzqP8dnF2pRjgU-4ba-Wo-uA9Kvu3_AKg6Gvk16-H-LZ-RbmR8quTPZrBuV0x53OQeKSXX0dvnztXCaVlx61EgdneI1M6d5s0-YjVYqjqltV-qST9_1ENS7xCqi6-3MaVrkSlWrfNUD0eh5maSUkSPFneBqtGOdWpgVsYb-FjdT4Fw-kmxX-HHiTzdi-7NS1djnAKnsRW__c0DpfGRk5CmI8mETEixYqx2rHh_KJTx73K6ygWrPOGFEQtZtb5-QfXB8d9gT1iW4Ctq2Zzcn4J1fZECfFMihX9YVd43dE12uYPnx1VkyCF_xVUsvQjtpRl7_nzs0CZ6gJnKUTNOp4h2mWSQtm_Kibx8hK-0NXjYL0zfhHc36Tz1Qslu_JL55epp5T2S09XVpwHDFqXPusKd1mJvvOSxw2WfSgZOp0T20Aa6vHHFHgfqfI2VL9puBL2CkVCwmKlyr3CCDf0uajAbV-LVSjALRP_OTQ-4tHgEuxjy1j-qJVIPQJamS1TOECBMSyC33Ni0bV0kuyy_e89Mbs_BCQtIXO_M29FSuY55d5HgsNvxDevn6NS5VZxR8ApBccQBRgjp9kZwimRUUO212k_jY6LYZhQhZ0BVY7lw3ACuknXTVZH_Je0vduGgmshmIo9RHFt7EBt25

Requested by

Host: 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
URL: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe.js Show response
yummy.consumable.com/8580/cnsmbl-video-970x250/widget/ Frame 80BA 385 KB
120 KB 31ms
31ms Script
application/javascript 13.224.193.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1626986109195
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-19.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 310254a1f7adc8c93a263552cf64f9edb0ee77e5cddd38e4af4deabafd3eb29e

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:09 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 13:24:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"ba50755520694b1166923cf7edefaabe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-id: mK1yw_cMORMr9d8rwu73XHmZkqgcWTA8ngtrNVqkL3VwAZn-ikrrcg==

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5C25 0
0 58ms
57ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuh9HwsI-4_R8LTgfLx6RUxyUusrac12qU-C40j7shavoLYrBAuwdcmt33fvW_UFcVfjrkOaz8X2yda5cKn4vf6UyuG_YgOt-gqNgFcM34YYXvsRJApd_DnfU05I_CYZprltJ50SnTMKRLRAX8Ek0JAgsMVmuQrLr1KBjEINqAHNV21PCG7aUadhe0_3ahF3jFf7UN4ZI6ZzwWJPJLII4I2NVR0N6vVcXk6kpFwBADn4aOcec409IzMG73M-wPiraH_w4u-NxzZZzYwbOsd140Nx7iyKpPLqTEvJzgdUBBece-SzRlrv89MAgjukXsBFNBu3Gd092b9&sai=AMfl-YQ3ky11v1Aqr4yJ0O7oqX2CqIHWYIkFgs7Lb6YegJ58vi8QW2tVeK821Wj48HWy0nikUCSVbroCLE59qZbYN9JL91HjpxBTzUndy__n46fee5wm_NZZ5HseO6CMy3Eq&sig=Cg0ArKJSzM7Tbc0Y8a3VEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 22 Jul 2021 20:35:10 GMT

GET
H2 200 action.json Show response
yummy.consumable.com/8580/cnsmbl-video-970x250/js/ Frame 80BA 2 B
454 B 496ms
446ms XHR
application/json 13.224.193.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/js/action.json?ac=IMPRESSION&fp=&a=%7B%7D&ts=1626986110072&tba=0&et=0&furl=https%3A%2F%2Fv.traileraddict.com%2Fvidtest.php&dd=0&vi=false&vd=0&sid=2239b5d4-49b2-4262-f008-5fb5e9f5cfcb&cb=1626986110073&hr=https%3A%2F%2Fwww.newschannel5.com%2F&hn=www.newschannel5.com&pl=
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-19.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:11 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
last-modified: Tue, 01 Jun 2021 13:24:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "d751713988987e9331980363e24189ce"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 60
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
content-length: 2
x-amz-cf-id: 4RfzgyCgZVSkiPmHB7CaHFGIijrNsFa5_FGXOa9IxYD4odP15_5Z5A==

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 80BA 0
163 B 76ms
26ms XHR
text/plain 18.196.230.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=2000&ts=1626986110081&src=pbjs
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.newschannel5.com
date: Thu, 22 Jul 2021 20:35:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H2 200 avjp Show response
gift-connect-d.openx.net/v/1.0/ Frame 80BA 106 B
299 B 31ms
26ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-connect-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.newschannel5.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=875428d0-7f6c-440d-a488-0a2fd56a4c13&nocache=1626986110084&schain=1.0%2C1!consumable.com%2C2000248%2C1%2C%2C%2C&auid=541033538&vwd=640&vht=480&
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:10 GMT
via: 1.1 google
server: OXGW/16.211.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.newschannel5.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content 284289 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 80BA 0
1 KB 114ms
40ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/284289
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

X-spotx-Exception-RESULT: exception
Date: Thu, 22 Jul 2021 20:35:10 GMT
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
X-SpotX-Timing-Transform: 0.000480
X-spotx-Exception-Message: SpotMarket execution was halted.
X-SpotX-Timing-Page-Mux: 0.001958
X-spotx-Exception-conf-Message: Channel ID '284289' has no active deals.
X-SpotX-Timing-Page-Require: 0.000922
X-fe: 011
Connection: keep-alive
X-SpotX-Timing-Page: 0.010110
X-SpotX-Timing-Page-Cookie: 0.000003
X-spotx-Exception-conf-ID: SPOTMARKET.DEALS_INACTIVE
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000808
Last-Modified: Thu, 22 Jul 2021 20:35:10 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.003446
X-spotx-Exception-conf-RESULT: failure
Content-Type: application/json
Access-Control-Allow-Origin: https://www.newschannel5.com
X-SpotX-Timing-Page-Misc: 0.002450
X-SpotX-Timing-Page-Exception: 0.000023
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000020
X-spotx-Exception-ID: SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket: 0.003446
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 80BA 0
120 B 128ms
90ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.newschannel5.com
date: Thu, 22 Jul 2021 20:35:10 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 80BA 24 B
576 B 150ms
91ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=489464&v=8.1&r=%7B%22id%22%3A%2291b7cb55dae2d9%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210e9a71629120eb%22%2C%22ext%22%3A%7B%22siteID%22%3A%22489464%22%2C%22sid%22%3A%22640x480%22%7D%2C%22video%22%3A%7B%22size%22%3A%5B640%2C480%5D%2C%22context%22%3A%22instream%22%2C%22mimes%22%3A%5B%22application%2Fjavascript%22%2C%22application%2Fx-mpegurl%22%2C%22video%2F3gpp%22%2C%22video%2Fmp4%22%2C%22video%2Fmpeg%22%2C%22video%2Fogg%22%2C%22video%2Fwebm%22%2C%22video%2Fx-m4v%22%2C%22video%2Fx-ms-asf%22%2C%22video%2Fx-ms-wmv%22%2C%22video%2Fx-msvideo%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A120%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22linearity%22%3A1%2C%22w%22%3A640%2C%22h%22%3A480%2C%22placement%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.newschannel5.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22consumable.com%22%2C%22sid%22%3A%222000248%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1&nf=1&
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e51f4aacc34104f5bf1f91f22e82941c52604867525a876cd65eee2c8f8ecdd3

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:10 GMT
Content-Encoding: gzip
X-AK-INITIAL-GEO: CC:[BE], RC:[], CN:[EU], CIP:[77.243.191.244], XFF:[]
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.newschannel5.com
X-CS-CLIENT-GEO: 28
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 44
X-AK-CLIENT-GEO: 28
Expires: Thu, 22 Jul 2021 20:35:10 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 80BA 173 B
387 B 72ms
25ms XHR
application/json 18.194.193.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.193.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-193-174.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 57bebbafc95fac4106aa8b36167dfc9d0d3973d388e8ce0a3b1844557f9480a0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:10 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.newschannel5.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 80BA 139 B
825 B 272ms
272ms XHR
application/json 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

5515ea33e1936f6be7aedac81bdd492c5ddb5df0727a8458c06abd490d22e3c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:10 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 85e73fdc-ef6f-476c-9782-ee2c0121e446
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.newschannel5.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 80BA 153 B
797 B 95ms
36ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F133810016%2FScripps%2Fscripps-8580-cnsmbl-video-970x250-dr-d%7C166c611ff62145a%22%3A%22%22%7D&ref=https%3A%2F%2Fwww.newschannel5.com%2F&s=6cfef166-87fb-43f9-909c-f368503027a8&pv=e8c7c947-6a64-4f6f-b947-6da47a8187ae&vp=tablet&lib_name=prebid&lib_v=3.10.0&us=999&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22consumable.com%22%2C%22sid%22%3A%222000248%22%2C%22hp%22%3A1%7D%5D%7D&

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

beaee7e6acb9d4269bd59591d7c670cc889072684a1f64625f213c400817249d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:10 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.newschannel5.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 178
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 80BA 0
221 B 311ms
236ms XHR
application/json 3.120.211.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Consumable
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.211.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.newschannel5.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 tag Show response
vtrdn-wjdav.ads.tremorhub.com/ad/ Frame 80BA 55 B
422 B 638ms
216ms XHR
application/json 2600:1f18:612b:4264:5c8e:cd57:8c3a:71f
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrdn-wjdav.ads.tremorhub.com/ad/tag?adCode=vtrdn-3yglg&playerWidth=640&playerHeight=480&srcPageUrl=https%3A%2F%2Fwww.newschannel5.com%2F&supplyCode=vtrdn-wjdav&schain=1.0,1!consumable.com,2000248,,,,&transactionId=875428d0-7f6c-440d-a488-0a2fd56a4c13&referrer=https%3A%2F%2Fwww.newschannel5.com%2F&hb=1&fmt=json
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:5c8e:cd57:8c3a:71f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 53de68ab3d675630d6fef44e368929af5eaf38d4b891e58fbaa9d7e4bf2dfc8c

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:10 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.newschannel5.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: application/json;charset=UTF-8

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9642 0
0 58ms
58ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnZ_7KA4ZhMnpmk521yXqAEawEQ1ppHrhE5pZrYud5Egbx-jG94w8ayU_KbAyMsuVpdjIYQMhpcpJCz3zLJfxkpMEczPW9vhjIMRL244VuCH3SdIrSZo-WCTMhiipci7u6GMoO1LkjvAylqu6UJT3Ms3DLnnprwr0QLWddHTavvydbRRw8QaOCNyn_SrjBzV4-NfMqOmG0VVJSBU8JKr6io_JXpZ85l3xYY9doKtxiNl_CTcESi3V6gFTd4RbmnrpOuCXzDEYEIxbgfKfBx8nlJsV48-r0-qt2CA2gy1oABohOBbEGwlDfBv1yxtUExk9xwnwFOyFU8BXDcYLIgoRq_GzfY056H4G75REXo_q-BlT1FNzS363CaqxvXGn9JlE2i0_L-nlIOemF&sai=AMfl-YRKGmfYS2-duRy64VmdDolcdrcpnTapRMNYk3q07inqJYaS1-nizV9I-CHTcQQ0xeQ8O3CUU3f88gA7zFHxMal_mindQxjv_jHS6tUT0siCYVk_9cCaGzQTcrdRmVY&sig=Cg0ArKJSzMZKjwAzcNAXEAE&urlfix=1&adurl=

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 22 Jul 2021 20:35:10 GMT

GET
H2 200 unit.js Show response
yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/ Frame 9642 12 KB
4 KB 25ms
25ms Script
application/javascript 13.224.193.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/unit.js?cb=1626986110153
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-19.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a83de1970f1a75f0b62762e5e592c69c72f5fda330641689fa8fc9ae0594a6e7

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:10 GMT
content-encoding: gzip
last-modified: Mon, 31 May 2021 17:20:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"379bca22f046916b450240b7b3ce700b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-id: kRS-6XZVuX-TK5nRkpcH1AqDKEGUr_8gzsVDvNL4XP6YVkA6KZWUiQ==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9642 124 KB
37 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cde489cf1c7c60eaa7f52a198c1b13cd33471693178874e6414a3fbf010f2652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:10 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626736020213958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:10 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 80BA 73 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ae2862c982de5ca8aa7d0b97b493a0561b30a04a6d7ae249ae8f758e7453842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:10 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626736025986498"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28059
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:10 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 80BA 11 KB
8 KB 28ms
27ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e1d714eb714b2bfa48502026802ccaa8c5a9c62817d716a4b30983db5a7341b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8518
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9642 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 234d7d2f926536c1eebf578704318e5f217d5825319b3723735f0635397c1205

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 80BA 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:10 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9642 0
0 64ms
63ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvavMOzZqGtmyaWhvUbMNI7yNj4fS1JXjsx9wGqzeEI28e59iGkWK7I6ZUcnJTkgIhtoOOv9JBnwFlpR2mppCIntQ2QFSqgpNE2nNDbE6gB65I9RNXzmVJcoJMi79ShQPegwd1aUT8Ie7yxGsaY7H2ZzAwnSEadmhsQKZBLBCwPSXrAFgnKU6wVxcL8kUfBIN35wHHFmCsru3sKRuMgx7sUh6RXe0IpoQIXUU6g1lohnhlbfgUB78UQ0i90LucQn6vX7OnJgk0FmYKbxtI0YD8SWvmWbUQCtglsEpmu_6NAGxxuKlE3QJOiJRrkTyxejrKQ7VLsG3iU-qmgqY0HMzrrS0Lnrqd5CuPvG8GDozF7tT2BCMJXHWI0qdk_J6LYcNICuiChho8kJsmljBE&sai=AMfl-YQWp5ctWeE2k0pVhdsgQBQB9pQekLKU2n7o13sqealzyyDipJSxoLe43O5ZkcwXZBBl3kBhIMNsTzNGNSLUA2dSFRDeM7isY0UtrZNFzQ_5rYFRm6a90c5B4gHTNoM&sig=Cg0ArKJSzCNOu1Calm7BEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 22 Jul 2021 20:35:10 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 7810 71 KB
24 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/unit.js?cb=1626986110153

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

735af02bdc21f0ad4af779f096620339dcbb295517a220b020ecde96dd187b04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "937 / 276 of 1000 / last-modified: 1626952271"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24845
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:10 GMT

GET
H/1.1 200
OK wrap.js Show response
clarium.global.ssl.fastly.net/gpt/a/ Frame 7810 116 KB
37 KB 321ms
47ms Script
text/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2_1
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3260df863f0b8885df2b94c3ff6c662c3cbfd738dbea29f20a438918e74bbcf

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:10 GMT
Via: 1.1 varnish
Server: nginx
Age: 254
X-Served-By: cache-fra19147-FRA
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript;charset=UTF-8
Content-Encoding: gzip
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Connection: keep-alive
Accept-Ranges: bytes
X-Timer: S1626986111.548130,VS0,VE0
Content-Length: 36967
X-Cache-Hits: 70

GET
H2 200 iframe.js Show response
yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/ Frame 7810 257 KB
82 KB 237ms
236ms Script
application/javascript 13.224.193.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/iframe.js
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/unit.js?cb=1626986110153
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-19.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7fc9be9482dd28a187295048364890d118f5490653638735d190c27f98dfd9e

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:10 GMT
content-encoding: gzip
last-modified: Mon, 31 May 2021 17:20:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"c8eb2426218f51c6126a4fcf3041a5ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-id: G1KpDEgOwYhKMXdt7GHnMt2B4PwBcW-2aHfo-3fKif_2BxmmP8e6jw==

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1EE3 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 22 Jul 2021 19:34:44 GMT
expires: Fri, 22 Jul 2022 19:34:44 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6B44 783 B
781 B 15ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

db6cc9cee48f4e989dd47ad212dc7ce4f82ab2e9a4148a1904b319f7ed970ffc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XEachnRvPtyjaW6JzZCGjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

expires: Thu, 22 Jul 2021 20:35:10 GMT
date: Thu, 22 Jul 2021 20:35:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-XEachnRvPtyjaW6JzZCGjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pubads_impl_2021071501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7810 329 KB
115 KB 88ms
87ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

7ba1eee9803f9929376700a8065001dbda71dc890a08e3d6b50c851de0e927ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 08:37:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117198
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:10 GMT

GET
H3-29 200 K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js Show response
pagead2.googlesyndication.com/bg/ Frame 1EE3 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2baf631fc505ace0a43931c797734915f09aebca45f01a7b3308ec9f2a65a317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 16:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13214
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 16:31:01 GMT

GET
H2 200 action.json Show response
yummy.consumable.com/8766/cnsmbl-container-300x250-ads/js/ Frame 7810 2 B
456 B 429ms
428ms XHR
application/json 13.224.193.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/js/action.json?ac=IMPRESSION&fp=&ts=1626986110526&tba=0&et=0&furl=&dd=0&vi=true&vd=0&sid=6929ff1f-802c-4e5d-0f28-4e8bdb0938ab&cb=1626986110527&hr=https%3A%2F%2Fwww.newschannel5.com%2F&hn=www.newschannel5.com&pl=
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/iframe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-19.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:11 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
last-modified: Mon, 31 May 2021 17:20:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "d751713988987e9331980363e24189ce"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 60
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
content-length: 2
x-amz-cf-id: MWeoqwgNVQGVQOhQ1mD-TBVGEBKpZkb2vxuMkldzySBrYXJNcAjSkw==

POST
H2 200 v2 Show response
e.serverbid.com/api/ Frame 7810 16 B
174 B 131ms
130ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/iframe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.newschannel5.com
date: Thu, 22 Jul 2021 20:35:10 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H/1.1

200
OK

request.php Show response
hal90005.redintelligence.net/ Frame AEB0
Redirect Chain

https://hal90005.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=f52b7ef704&subid=&uid=50ed94a03fd034f5&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90005.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=f52b7ef704&subid=&uid=50ed94a03fd034f5&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

610 B
937 B

172ms
116ms

Script
application/x-javascript

138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=f52b7ef704&subid=&uid=50ed94a03fd034f5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCosm6fNb5YOayMIvE-gauwL3gA7v6hIpXn8Oo5tEK8C4QASDmlIUYYLn4x4DcAcgBCakCBWVFw1PHsz6oAwGqBPMBT9CQDF_zGqWAcBRuOG27XsHwGT81W6DhxomKgEta0vO_UEoU8YQlCsqkMrDH0VYEwTJehVkUY6UpuvQxV3MTf1ACS2KX_5DMDNaxH0KwJi_hXPzJx1O4GYWJ6in7dX1-eHfjDamoIUyECKxMOy80sfgDDu_zHQWgz6_ht-7RwAH0FEzdn9YmIDouwF5ErEScqufnB9elQTop30mjrBYSQpdIVF-zbLaAjp2VLSq5snsIqfR2XMl5kfaK2wRdeUvk9djXQ8-qQyNm7q8MiGmwJi15YASLVospT6O9ZOFeXzxor1HKiHRHJi5LS8kt4n9u5pt9wASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoo5DoZlpqbwYlWE2h_5DVvLXa1w%26sig%3DAOD64_3r2puR48aMfz_dYB6uILjo7-37aQ%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-B1wlKu4K8RsE5HTGEBXjD0XCsk_G60_MLihXXLvdWmfdcImT6pZNXLNePjtXa0hNDBanbR_mKo0afCH6ODaBcFxs0QuxWYq6cV-4NyOXHV2xK8H6M_ZniKBiN8MX1Y0ci90BGsPole56DDJ5yRQFhHrLgzvA%26cry%3D1%26dbm_d%3DAKAmf-AtYMF7ndKhvfJez_H_62A9_ECZbLMmFHe46Xd6JAU3h6E6VkT5m_-_ubJ1iCJUFvM3MnBmuM6_fME8BpQgnr1vSZFu30GWMGtcwasir4rcbg--0bNx-2ms3F0JpFs1KisYjSZSMWeZU0R7ZysSVn-n5hGzvqd-ZlbOVhre2CfxrUK-Z0hAVH12qjU9UmoCDVCemzp1-eNjt6wjL3M43v-2FqCWIJp0RmmHUWFGlk0_Nkj9x7Yjpg3US4xFtZQubvWNmMKIrBvg16yt4RAxIO3AR77kCXpYrsB_-t30o6E6zbGNM3DVaiPgWm3HsAff2z3mL6le54SjmnAC5TxoXTaclraNKcBxeXCmPP4ORYrhU1yyCjrCc5Y2ikqIMwxiqCjvH18lBgLqgtHjkJvedMeYLmepvm5DE3KDvIKdzSnmEMycwDpd2Dl0tmUxG3vjNVwJHu5h%26adurl%3D&documentReferer=https%3A%2F%2Fwww.newschannel5.com%2F&ancestorOrigins=https%3A%2F%2Fwww.newschannel5.com&random=7514093424559&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
URL: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 769249823d1ad5e73fc88c0f72ffc05b8605923e6b92b506bc40a71a198b80b6

Request headers

Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:10 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 80012300171879700628834011663005
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 331
Expires: Thu, 22 Jul 2021 21:35:10 +0200

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:10 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=f52b7ef704&subid=&uid=50ed94a03fd034f5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCosm6fNb5YOayMIvE-gauwL3gA7v6hIpXn8Oo5tEK8C4QASDmlIUYYLn4x4DcAcgBCakCBWVFw1PHsz6oAwGqBPMBT9CQDF_zGqWAcBRuOG27XsHwGT81W6DhxomKgEta0vO_UEoU8YQlCsqkMrDH0VYEwTJehVkUY6UpuvQxV3MTf1ACS2KX_5DMDNaxH0KwJi_hXPzJx1O4GYWJ6in7dX1-eHfjDamoIUyECKxMOy80sfgDDu_zHQWgz6_ht-7RwAH0FEzdn9YmIDouwF5ErEScqufnB9elQTop30mjrBYSQpdIVF-zbLaAjp2VLSq5snsIqfR2XMl5kfaK2wRdeUvk9djXQ8-qQyNm7q8MiGmwJi15YASLVospT6O9ZOFeXzxor1HKiHRHJi5LS8kt4n9u5pt9wASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoo5DoZlpqbwYlWE2h_5DVvLXa1w%26sig%3DAOD64_3r2puR48aMfz_dYB6uILjo7-37aQ%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-B1wlKu4K8RsE5HTGEBXjD0XCsk_G60_MLihXXLvdWmfdcImT6pZNXLNePjtXa0hNDBanbR_mKo0afCH6ODaBcFxs0QuxWYq6cV-4NyOXHV2xK8H6M_ZniKBiN8MX1Y0ci90BGsPole56DDJ5yRQFhHrLgzvA%26cry%3D1%26dbm_d%3DAKAmf-AtYMF7ndKhvfJez_H_62A9_ECZbLMmFHe46Xd6JAU3h6E6VkT5m_-_ubJ1iCJUFvM3MnBmuM6_fME8BpQgnr1vSZFu30GWMGtcwasir4rcbg--0bNx-2ms3F0JpFs1KisYjSZSMWeZU0R7ZysSVn-n5hGzvqd-ZlbOVhre2CfxrUK-Z0hAVH12qjU9UmoCDVCemzp1-eNjt6wjL3M43v-2FqCWIJp0RmmHUWFGlk0_Nkj9x7Yjpg3US4xFtZQubvWNmMKIrBvg16yt4RAxIO3AR77kCXpYrsB_-t30o6E6zbGNM3DVaiPgWm3HsAff2z3mL6le54SjmnAC5TxoXTaclraNKcBxeXCmPP4ORYrhU1yyCjrCc5Y2ikqIMwxiqCjvH18lBgLqgtHjkJvedMeYLmepvm5DE3KDvIKdzSnmEMycwDpd2Dl0tmUxG3vjNVwJHu5h%26adurl%3D&documentReferer=https%3A%2F%2Fwww.newschannel5.com%2F&ancestorOrigins=https%3A%2F%2Fwww.newschannel5.com&random=7514093424559&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Thu, 22 Jul 2021 21:35:10 +0200

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7810 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.newschannel5.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7810 107 B
122 B 28ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newschannel5.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7810 34 KB
13 KB 253ms
252ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2204086848115672&correlator=747609676129513&output=ldjh&impl=fifs&eid=31061848%2C21068031%2C31061843%2C20211866&vrg=2021071501&ptt=17&sc=1&sfv=1-0-38&ecs=20210722&iu_parts=133810016%2CScripps%2Cscripps-8766-cnsmbl-container-300x250-ads-dr-d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=rfsh%3D1%26invw%3Dtrue%26rfshtime%3D16&eri=1&cookie=ID%3D102da46f89937e98-225271dc8ac80004%3AT%3D1626986110%3AS%3DALNI_MbQp54ORzfwT7QisdLDX1-k8DPo1w&cdm=www.newschannel5.com&bc=31&abxe=1&lmt=1626986110&dt=1626986110692&dlt=1626986110238&idt=162&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=985&adys=1598&adks=1744008382&ucis=n000vxwjnqhw&ifi=1&ifk=2215741139&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=4&url=https%3A%2F%2Fwww.newschannel5.com%2F&top=https%3A%2F%2Fwww.newschannel5.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=2038526785.1626986111&ga_sid=1626986111&ga_hid=1474501830&ga_fc=false&fws=260&ohw=300&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

662512d97695dc3dc1af2eaa2bb5d7e9e62a012e4a07547af0e75efbe36fd61e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13181
x-xss-protection: 0
google-lineitem-id: 5709712231
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138352024894
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newschannel5.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d65bbab191aba4fe3222b96830b5ac5a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D702 6 KB
3 KB 29ms
13ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d65bbab191aba4fe3222b96830b5ac5a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d65bbab191aba4fe3222b96830b5ac5a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 22 Jul 2021 20:35:10 GMT
expires: Fri, 22 Jul 2022 20:35:10 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 vidtest.php Show response
v.traileraddict.com/ Frame 80BA 4 KB
1 KB 363ms
343ms XHR
application/json 2606:4700:20::ac43:453b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v.traileraddict.com/vidtest.php
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:453b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.31
Resource Hash: 7a9c7947e8e97888530f5d8cc0e0cc78951b7b1b735f297c864af1cbd28d720f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/5.6.31
access-control-allow-methods: GET, PUT, POST, OPTIONS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YS5g5hiQrX5FpEuhIX%2FTiWLTVbLftT3dVQeRognjnYA%2BCEkfV1kviDdAu5cof7hlvog%2BfvQ0VPfVXtixi0rM8t5EYMl2QvspIq8aubUqZ7wZQ9iilGvFP1t%2BPge3SuXoD6ax2rHN7UQI%2F5dvAbdJErw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 672f74384c64d70d-FRA
access-control-allow-headers: Content-Type, Authorization, X-Requested-With

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 80BA 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071501&jk=1872048134643675&bg=!qKulq-_NAAbnC78O5ws7ACkAdvg8WiOATTdBwbKslUKuauBqsrhOQLfOF5hMoJB4XWa2WvUahDX-dgIAAADMUgAAAA5oAQcKAEx3nk4bNKCYfDj-MfUsk4lXaX9EYZ96vjohO40AuxpN-vHCDO-Bw8_820p9TRmWF1pNXx_23xDrquZsDin81uGHByC_a6LP-2DmX3F0mQK6hsExeBvnqAIw62A-wSL5UtWN5KhUuAsMl8lpbB9B7psSTvac8nbwszvNBF1-YFOUUvwFOH_C0qHiYMIVyniTDNM8EHq_mU8rovSG_qqmfGuniAF5ufqgG5FRY4KHpHcWZsZXSS8vR7OOYBLzHfOnlkY34cbYLCnE23heL1h-89E-qCatC0Zust_mLIZkFtPJo-ukrdB-EeBjrwUGIF-vydVNQRZ3uxStlt9Oo2hSbjiNzY5WC8LD9dECWx10mCgMRLISvIXihUBy8UJxQm0VSu1Id7Mpp6OPB9sl3ZkPDkYuP8YWjxA9mx09ZHvvTdHMWwwhbgu1iZ14r3z9x7GB-O8_GHxHULSztV7xk5MssVTk6TkurDzjwli2hAEZFMD9cWT7qr4Dq6XhTwjzraFTxKFq4PIAr-pBFPapemhDaKQJvyPMhHMIsM3RYFvT5TXvrOcO50CLNt4SanErOuR62n3cTojICj0O3c2dPBcA1HHfV4XsKg1MtHETCd-RPskF_0thsTKLPzbBf63IYelwS5MIoyb_OhppWyvfgRDaYzwL6aNpHJgPE6mqxZikEFqVSMHIId1BLUF2MLwlIVyZZ7etUOPYCEF4FBz5jpsnXUBR80g0vLadx0Ve_eYI2nLFSW7hq4-qHXMz8duDXbrYLZk97gQzukWVo6xOjLcOjF0tmErGUKjKfk0GeiTlf8Gd0LIxSKQyQMHe4eY5sTSik8EWcTeIwTqaEHZaYXsKo57YIitE9_A04F0MtXDypEQIOihqxsyCXYWGDcwU41cyV5ZX3n3JfJlx_R5CRvRCbtUSjWaKPx8SYtIPPXBoBorlk9T2kwdtHFbYt-CRn3SENGEEAfRe67QNrFlyJuUPWiM7XY02bZHUdvvRF834YzedinafPJLKkLVIOJ31Cek8QXQ7L5QVu_O5ICY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 28ms
28ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=ssp.wtvf&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-2RhMh0IJ33cxUahFibJNuf8fWh6NxOl9R0RB2436S0SxzRsAfXjmhYeX&sc=1&os=1-Pw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.newschannel5.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C11&zMoatpt=landing%2Cfalse&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.newschannel5.com%2F&id=1&ii=4&f=0&j=&t=1626986106486&de=935681096727&rx=130376518058&cu=1626986106486&m=4306&ar=29ad59d-clean&iw=738e604&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=16432&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1028%3A1028%3A3302%3A1049&as=1&ag=1192&an=53&gi=1&gf=1192&gg=53&ix=1192&ic=1192&ez=1&ck=1192&kw=1045&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1192&bx=53&ci=1192&jz=1045&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1045&cd=106&ah=1045&am=106&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=193224&na=643686482&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 22 Jul 2021 20:35:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 29ms
28ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=ssp.wtvf&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-2RhMh0IJ33cxUahFibJNuf8fWh6NxOl9R0RB2436S0SxzRsAfXjmhYeX&sc=1&os=1-Pw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.newschannel5.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C11&zMoatpt=landing%2Cfalse&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.newschannel5.com%2F&id=1&ii=4&f=0&j=&t=1626986106486&de=935681096727&rx=130376518058&cu=1626986106486&m=4308&ar=29ad59d-clean&iw=738e604&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=16432&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1028%3A1028%3A3302%3A1049&as=1&ag=1192&an=1192&gi=1&gf=1192&gg=1192&ix=1192&ic=1192&ez=1&ck=1192&kw=1045&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1192&bx=1192&ci=1192&jz=1045&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1045&cd=1045&ah=1045&am=1045&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=193224&na=1807450531&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 22 Jul 2021 20:35:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 34ms
34ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=ssp.wtvf&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-2RhMh0IJ33cxUahFibJNuf8fWh6NxOl9R0RB2436S0SxzRsAfXjmhYeX&sc=1&os=1-Pw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.newschannel5.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C11&zMoatpt=landing%2Cfalse&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1106&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.newschannel5.com%2F&id=1&ii=4&f=0&j=&t=1626986106486&de=935681096727&rx=130376518058&cu=1626986106486&m=4309&ar=29ad59d-clean&iw=738e604&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1106&lb=16432&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1028%3A1028%3A3302%3A1049&as=1&ag=1192&an=1192&gi=1&gf=1192&gg=1192&ix=1192&ic=1192&ez=1&ck=1192&kw=1045&aj=1&pg=100&pf=100&ib=1&cc=1&bw=1192&bx=1192&ci=1192&jz=1045&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1045&cd=1045&ah=1045&am=1045&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=193224&na=925083781&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 22 Jul 2021 20:35:10 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90005.redintelligence.net/ Frame 7607 4 KB
2 KB 81ms
27ms Document
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request_content.php?s=80012300171879700628834011663005&a=279a9418
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=dfkx1snbhmf9&nw=20&renderingType=javascript&namespace=f52b7ef704&subid=&uid=50ed94a03fd034f5&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCosm6fNb5YOayMIvE-gauwL3gA7v6hIpXn8Oo5tEK8C4QASDmlIUYYLn4x4DcAcgBCakCBWVFw1PHsz6oAwGqBPMBT9CQDF_zGqWAcBRuOG27XsHwGT81W6DhxomKgEta0vO_UEoU8YQlCsqkMrDH0VYEwTJehVkUY6UpuvQxV3MTf1ACS2KX_5DMDNaxH0KwJi_hXPzJx1O4GYWJ6in7dX1-eHfjDamoIUyECKxMOy80sfgDDu_zHQWgz6_ht-7RwAH0FEzdn9YmIDouwF5ErEScqufnB9elQTop30mjrBYSQpdIVF-zbLaAjp2VLSq5snsIqfR2XMl5kfaK2wRdeUvk9djXQ8-qQyNm7q8MiGmwJi15YASLVospT6O9ZOFeXzxor1HKiHRHJi5LS8kt4n9u5pt9wASYsqCBxgHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BuoB9-fsQLYBwDSCAkIiOGAEBABGB2ACgOYCwHICwGADAGwE9rQtQrQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoo5DoZlpqbwYlWE2h_5DVvLXa1w%26sig%3DAOD64_3r2puR48aMfz_dYB6uILjo7-37aQ%26client%3Dca-pub-8414627280054593%26dbm_c%3DAKAmf-B1wlKu4K8RsE5HTGEBXjD0XCsk_G60_MLihXXLvdWmfdcImT6pZNXLNePjtXa0hNDBanbR_mKo0afCH6ODaBcFxs0QuxWYq6cV-4NyOXHV2xK8H6M_ZniKBiN8MX1Y0ci90BGsPole56DDJ5yRQFhHrLgzvA%26cry%3D1%26dbm_d%3DAKAmf-AtYMF7ndKhvfJez_H_62A9_ECZbLMmFHe46Xd6JAU3h6E6VkT5m_-_ubJ1iCJUFvM3MnBmuM6_fME8BpQgnr1vSZFu30GWMGtcwasir4rcbg--0bNx-2ms3F0JpFs1KisYjSZSMWeZU0R7ZysSVn-n5hGzvqd-ZlbOVhre2CfxrUK-Z0hAVH12qjU9UmoCDVCemzp1-eNjt6wjL3M43v-2FqCWIJp0RmmHUWFGlk0_Nkj9x7Yjpg3US4xFtZQubvWNmMKIrBvg16yt4RAxIO3AR77kCXpYrsB_-t30o6E6zbGNM3DVaiPgWm3HsAff2z3mL6le54SjmnAC5TxoXTaclraNKcBxeXCmPP4ORYrhU1yyCjrCc5Y2ikqIMwxiqCjvH18lBgLqgtHjkJvedMeYLmepvm5DE3KDvIKdzSnmEMycwDpd2Dl0tmUxG3vjNVwJHu5h%26adurl%3D&documentReferer=https%3A%2F%2Fwww.newschannel5.com%2F&ancestorOrigins=https%3A%2F%2Fwww.newschannel5.com&random=7514093424559&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6415575c98dd2666397a8bea39eedb7381c364ca4c23228c9b18ea16ab3df75f

Request headers

Host: hal90005.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=63b24ca42ccb9394
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/

Response headers

Date: Thu, 22 Jul 2021 20:35:10 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 22 Jul 2021 21:35:10 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1536
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 ff983cd0-6c28-474c-9cc4-7a5281d11e05.js Show response
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame AEB0 42 KB
14 KB 8ms
7ms XHR
application/javascript 2600:9000:21f3:2c00:d:77c3:2dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s8wlbatk24s7.cloudfront.net/service/js/ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
Requested by: Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2c00:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5c2c05cdb42590baf236f817bf784791161a98d95a9ef74687a6f2e97e86b76b

Request headers

Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 18:41:44 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
age: 6806
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 14400
cache-control: public, max-age=14400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: *
x-amz-cf-id: 5ohByyXqHLczlK_Z_z1DywAqi152iH7iYUz-cVlBKh-VhMXskWW9Cg==
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)

GET
H2 200 /
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame AEB0 42 B
132 B 118ms
117ms Image
image/gif 3.21.254.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=696065&referer=https://www.newschannel5.com/
Requested by: Host: 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
URL: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.21.254.38 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-21-254-38.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:10 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame AEB0 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67a9f8b0b6c9bf12fcb9d798881cb32ea8fa972773e74858f8b8b8be28f07440

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK ec0b3127-04bc-4d69-bd8f-6d1d0579a2c7
https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/ Frame AEB0 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/ec0b3127-04bc-4d69-bd8f-6d1d0579a2c7
Requested by: Host: 247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
URL: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 785feac29ca49a8578ef880c201e269990a0a95a9d4de72503191cba3694a0e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 1590
Content-Type: application/javascript

GET
H/1.1 200
OK / Show response
clarium.global.ssl.fastly.net/ Frame B5CE 198 KB
49 KB 24ms
23ms Script
text/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clarium.global.ssl.fastly.net/?wrapper=eqRbKpyrOjYJuvWuyCDxCBHWgtA&tpid=ZXFSYktweXJPallKdXZXdXlDRHhDQkhXZ3RBLzI4NjY4MDEzNDc6MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6IlpYRlNZa3R3ZVhKUGFsbEtkWFpYZFhsRFJIaERRa2hYWjNSQkx6STROalk0TURFek5EYzZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODY2ODAxMzQ3LCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dbca6f28cc533d925a273f298502b17ab2187177947d74fb9cc01d84cd40b067

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:10 GMT
Content-Encoding: gzip
Age: 192
X-Cache-Status: hit
X-Cache: HIT
Connection: keep-alive
Content-Length: 49614
X-Served-By: cache-fra19147-FRA
Access-Control-Allow-Origin: *
Server: nginx
X-Timer: S1626986111.989123,VS0,VE1
ETag: f01ce95f2ee5066039647ce2a2dedf2a86b63d5b
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 varnish
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7810 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ae2862c982de5ca8aa7d0b97b493a0561b30a04a6d7ae249ae8f758e7453842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:10 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626736025986498"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28059
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:10 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7810 11 KB
8 KB 20ms
19ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9382cfa06c30a554a7022d3eda7e2a299285c3d1ca983b50abb6f39d56fe9a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8447
x-xss-protection: 0

GET
H/1.1 200
OK 728x90-MSSTORE-Office2016-Launch%20(1).jpg
cdn.contentspread.net/24i/advertiser/14265/creativesup/ Frame 7607 38 KB
38 KB 132ms
43ms Image
image/jpeg 88.99.65.215
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/14265/creativesup/728x90-MSSTORE-Office2016-Launch%20(1).jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=80012300171879700628834011663005&a=279a9418
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.65.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.215.65.99.88.clients.your-server.de
Software: nginx /
Resource Hash: befc03cec33e0f6c9233dc9c2284cec6da376b548ab30a9e291a12226c9135f4

Request headers

Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:11 GMT
Last-Modified: Tue, 16 Feb 2016 11:37:05 GMT
Server: nginx
ETag: "56c309e1-96da"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 38618

GET
H/1.1 200
OK viewability Show response
hal90005.redintelligence.net/ Frame 7607 0
150 B 82ms
28ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/viewability?s=80012300171879700628834011663005&a=85e4a0cb&vb=m
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=80012300171879700628834011663005&a=279a9418
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90005.redintelligence.net/request_content.php?s=80012300171879700628834011663005&a=279a9418
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:11 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 7607 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7810 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:11 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B5CE 0
0 57ms
57ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoLXbqnaXGqJq_6uleudjkc2hzmbo-gcAQ-k59opssEersH9-o8liFoLCYxQTQeP5khDhuefQO_Pfiob6xhga6g1fEbgIopJFwG-f69bZ4IkJ5XDbkTxTuiZ_n67Q0t92uc42o5YeQdTSbVdLDX3_wx3lH7HEP1lCjmLXoprsA12UaB0xKF_znL_imerJAg5feC3ZeTq5uu573Jf5dIA7qiqTqJ1693dlOWZrPW9WuR5oHUN3CNkU5XvSUO8ViuNMhLvCCeaOGMyWWjY9B_7tOP-lxBsKBW3J3wb2dWztNIh9gzB1axB_HKO3efwKdmiX_qyadGcaDN9cRoNMDQwVYjlIsMHKIUjUgWxh5SYhV1j5ntqTrglLB&sig=Cg0ArKJSzMvUeB0ffi0lEAE&adurl=

Requested by

Host: www.newschannel5.com
URL: https://www.newschannel5.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame B5CE 18 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=eqRbKpyrOjYJuvWuyCDxCBHWgtA&tpid=ZXFSYktweXJPallKdXZXdXlDRHhDQkhXZ3RBLzI4NjY4MDEzNDc6MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6IlpYRlNZa3R3ZVhKUGFsbEtkWFpYZFhsRFJIaERRa2hYWjNSQkx6STROalk0TURFek5EYzZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODY2ODAxMzQ3LCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:26:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 16178317465966918049
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Aug 2021 20:26:40 GMT

GET
H3-29 200 6742681035188243414
tpc.googlesyndication.com/simgad/ Frame B5CE 18 KB
18 KB 8ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6742681035188243414

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f39f8396ce2befd5b38a6d3b917debc494178204effd7ec814d6299942ba3c80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 07:12:01 GMT
x-content-type-options: nosniff
age: 220990
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18840
x-xss-protection: 0
last-modified: Thu, 03 Jun 2021 17:29:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 07:12:01 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame B5CE 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 419
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Aug 2021 20:28:12 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5CE 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cde489cf1c7c60eaa7f52a198c1b13cd33471693178874e6414a3fbf010f2652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:11 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626736020213958"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:11 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame B5CE 0
0 13ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7Ae0qRyYyPHXlpbAgwM0CZX0LDrRW2rYekeuXW_pFjXc0FonWnBV7pMOoUrwYLC3-7jRapKRWE6sAJlToslSLNmwZHA
Requested by: Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=eqRbKpyrOjYJuvWuyCDxCBHWgtA&tpid=ZXFSYktweXJPallKdXZXdXlDRHhDQkhXZ3RBLzI4NjY4MDEzNDc6MzAweDI1MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6IlpYRlNZa3R3ZVhKUGFsbEtkWFpYZFhsRFJIaERRa2hYWjNSQkx6STROalk0TURFek5EYzZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODY2ODAxMzQ3LCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame B5CE 68 B
345 B 122ms
41ms Image
image/png 18.185.206.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_ZXFSYktweXJPallKdXZXdXlDRHhDQkhXZ3RBLzI4NjY4MDEzNDc6MzAweDI1MA==&v=5&s=92f5a800b07297c48298417c4e86bae15715d567&id=eyJkZnAiOnsiYWQiOjQ5Mjg3OTQ0NzgsImMiOjEzODM1MjAyNDg5NCwibCI6NTcwOTcxMjIzMSwibyI6Mjg2NjgwMTM0NywiQSI6Ii8xMzM4MTAwMTYvU2NyaXBwcy9zY3JpcHBzLTg3NjYtY25zbWJsLWNvbnRhaW5lci0zMDB4MjUwLWFkcy1kci1kIiwieSI6MCwiY28iOjAsInMiOiJkaXYtZ3B0LWFkLTYwNjAxMTg5NzY2NTAtMCJ9fQ%3D%3D&sb=undefined&cb=9413179&h=www.newschannel5.com
Requested by: Host: www.newschannel5.com
URL: https://www.newschannel5.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.206.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-206-154.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:11 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 chevron-left.svg
yummy.consumable.com/8580/cnsmbl-video-970x250/img/ Frame 80BA 509 B
828 B 27ms
25ms Image
image/svg+xml 13.224.193.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/img/chevron-left.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-19.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62965052035405846c2a82a5f9c8e662db24ff92100bad81ec4b82d5135a7a78

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:11 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
last-modified: Tue, 01 Jun 2021 13:24:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "06debc4a8c892312c85a5868e3f1683d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 509
x-amz-cf-id: daB1eZocl3LSvB5_GdRZjYc2BZB3zy4WfetLY4OwRCqOcVYE5rjfKw==

GET
H2 200 chevron-right.svg
yummy.consumable.com/8580/cnsmbl-video-970x250/img/ Frame 80BA 516 B
842 B 26ms
25ms Image
image/svg+xml 13.224.193.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/img/chevron-right.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-19.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0aae9ffbfef06b0b5ef60ef6c0aebfceebb2e9f0deca58dcd9aacacda7e0d7fe

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:07 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
last-modified: Tue, 01 Jun 2021 13:24:20 GMT
server: AmazonS3
age: 5
etag: "f25ffe73c2ef159c89576cd693340ac5"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 516
x-amz-cf-id: ydDYg9WDlDIckutnCCbUWz9Sns9ByMkGUeZp78n1oyFPcIKepPGS0A==

GET
H2 200 g3-blue.jpg
cdn.traileraddict.com/content/consumable/ Frame 80BA 14 KB
15 KB 31ms
13ms Image
image/webp 2606:4700:20::ac43:453b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.traileraddict.com/content/consumable/g3-blue.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:453b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76e5591612f2b00c68824472590a1101ed872ed70cf5a40e8c665dcc5a5abb22

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 87864
cf-polished: qual=85, origFmt=jpeg, origSize=37489
content-disposition: inline; filename="g3-blue.webp"
content-length: 14520
last-modified: Sun, 06 Dec 2020 19:24:44 GMT
server: cloudflare
etag: "5fcd2ffc-9271"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYXwHJXtIjJKHiuPX3Lreax%2BcXncQYAtgoXt%2FOzoEOJZd3gYjM152ISkQfqFzXYxOzuJzdMz9LdbnAt1PJ%2BQ%2BaOAE996fsLXkkIK82xGN3Ie0llb99VTE6G4XGAdCcFGXV8AlgmDDItoDWGx8F5qNFGdSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 20 Aug 2021 20:03:40 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 672f743ad9a54a74-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 693D 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 22 Jul 2021 19:34:44 GMT
expires: Fri, 22 Jul 2022 19:34:44 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5633 783 B
532 B 15ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fa44b3d09e7435d220d6fa18cf71df0299635bc83efd752d5b5ac997ef283413

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y5mEl1GTnVcy5Lh4LAiZoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

expires: Thu, 22 Jul 2021 20:35:11 GMT
date: Thu, 22 Jul 2021 20:35:11 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-y5mEl1GTnVcy5Lh4LAiZoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 17750.json Show response
services.brid.tv/services/get/config/ Frame 80BA 8 KB
3 KB 256ms
203ms XHR
application/json 13.226.145.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/services/get/config/17750.json
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-44.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 079271ba6a62f5adde2e814359030ba6294d0f0279a3a5c247212ba871a301ce

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:11 GMT
content-encoding: br
server: nginx
x-amz-cf-pop: DUS51-C1
x-cache-status: MISS
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-cache: Miss from cloudfront
access-control-allow-headers: origin, x-requested-with, content-type, accept
x-amz-cf-id: qWNuElesHIG9KpsVada1z4a2k5xNT069FSMENFNMri6LCeW5PemlsQ==
via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
x-served-by: i-06f46ae3ef5e2b314

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B5CE 0
0 60ms
59ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJ3vzSegg6PsvCbUL1rShyYBI6Bj0Z74F7SKisuf-ILVKfj-n70NsaetPeFF_79TNp8TbIdlm8OKALd4yDoD5bCRFysWPv1MfFizLVK1DbCWD9slqqc9PFSsEOJXvU8fRMacXxwmrUBWA8Ykwpaorw3nebllVjQerLdewMQlgZCTgM6C0TWOXlJJFWYmUQwPTNEtmA2EELyfDdwObFwTF1joP8jT97awuU1kRvjf9BGBBZCkAaWhQK2IC9_04yxNS9wDU-LE62TCvmGNgpd6tJCCIDKH4cIHT_TOxmlXWIjzj2St60wjoO-jatxv9EaBCgMeS_GwH01IMblCfEumZBzFXrFO3eye-APn_QySxeGidLqOk17jPt6Zc&sig=Cg0ArKJSzPK9MhN5iOCpEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 22 Jul 2021 20:35:11 GMT

GET
DATA 200
OK truncated
/ Frame B5CE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b65f8e738f34fb760c21a7cd10443086d65cf1e9ee7375792b3c3488191c20f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js Show response
pagead2.googlesyndication.com/bg/ Frame 693D 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2baf631fc505ace0a43931c797734915f09aebca45f01a7b3308ec9f2a65a317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 16:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13214
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 07:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 16:31:01 GMT

GET
H2 200 g3-blue.jpg
cdn.traileraddict.com/content/consumable/ Frame 80BA 14 KB
14 KB 16ms
15ms Image
image/webp 2606:4700:20::ac43:453b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.traileraddict.com/content/consumable/g3-blue.jpg
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:453b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76e5591612f2b00c68824472590a1101ed872ed70cf5a40e8c665dcc5a5abb22

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 87864
cf-polished: qual=85, origFmt=jpeg, origSize=37489
content-disposition: inline; filename="g3-blue.webp"
content-length: 14520
last-modified: Sun, 06 Dec 2020 19:24:44 GMT
server: cloudflare
etag: "5fcd2ffc-9271"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvnE%2FGwWk9qv2kkJYtIF42267Q59l5r3zuDaspUnEa6Jq8QK1CZ4uiML%2BOhcQYxQs%2BgGBCv1xQXeYyv7mZSOK6vHMjxz2UdulTKdsU8riX7FjyJLdKJUPeJuUZHCGj6meT5KT8dzoIeivrZTlcUUkMvhOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 20 Aug 2021 20:03:40 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 672f743bfc644a74-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7810 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071501&jk=2204086848115672&bg=!qKulq-_NAAbnC78O5ws7ACkAdvg8WgwWV_dXtFb1In1y338ktTGSpnBWPARL0O-hAPtyXYiIEHriawIAAAB_UgAAABFoAQcKADhLAgFuL-JhH6nDsEysCyW6-QEpCDOIgKGDZ1LK90A6FxLuuNn1pZShQtlUuAIZcKb1E5o4ksGcmpkC_4xSstykbYInTKmb-8xZhDhCZRUHns02_6m3AbVdUIr1EBxHbWJ2xPlLXyP5G-MTkRgnC6cdtUrgpmnlGq9ERZQJ3_Dx5GasqkswInYGNJqw5LcCi40BcaKxx7o-p2GNVaEQqi2OpmxBihAvkJGoCfUfUqinsy86Z-XbHax5QJw2_RvJcPqWslPRSYvwkgWEgmVdnVXxYRWxPamuQlS-pM69kTBhMWG7Zj7WnzBPoHIbN9JlwVxHs408NV-53WnoSJgIi5TAxMHCithJt0sVn8Z3EpjQKjlEPJd2tW8wnjtIuWZZMuvBJfgl07If5c16NSRS9cpOau84VuKUWHJBVnB2-g9vZaoAi7mVc9tFBzF6ZEW4QLgLMSf3C60sr9Sp9T94Nn9aezewfCkmnelT81NLbY8SirxfOM76AXVjb-0OljXYN6l5yVDE26P4xukQ-EUAJ_JRCIm8fgpVL-Fc7nSGmAiQ3dhJVj0PfVv5_Vie1DNcbgAAy6iWi12Wh5aTwnlxzVVxS28QjfVr-zSw3yEIBQH6qcIe1gQqnwbdGBpr57WiAYWkFRwbtAEbhE1VOykxt2gDzc-bhxPP1UIEqplaTKrM0zVT11v9v-YNDLcUeuiLuezkAD9UKGUi6HXOx3XcEZB0kyxMC9-ABHT-Q3r4xBAf5i0bCWYfpVOaNVCumTEi57TEXufAyL8aABo7A1WXSAEaH-Wi_WwI--5uEh6RxX-vTINP_ZGgnxnvAp1kMUVUt91bCEq_WwZWfmQoq65K6z8wqTCURTSYMzM-Y6mtq2atg2BgrJtE1k5zyvHnTJY2X6TDqSBOClWfzzUVHkrKSV4rfzLqnIKW0k6Kc4S6aZTxrm5vj2eubcjBvM_O8vw1FvDpXQMMxObY_Et6b9ZOvaEJY8bRdImCgW7se3nbHRUmFlzuQxWjo76tlhEix3300C7jYp4ZLLZULJfW-Hho-MLI_6uGj4c5PILJhSAMB1jFalEGU2Q-1-qgxD5daCJon5REZ7Z7110WLPwG

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 brid.controls.min.js Show response
p.brid.tv/player/build/plugins/controls/1.0.10/ Frame 80BA 97 KB
24 KB 55ms
45ms Script
application/javascript 13.226.145.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/controls/1.0.10/brid.controls.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92dc8adf2c9ff2f0a80481d2ecb1da693c0519cc6cc97d83edc4cfcc8104fc1c

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 00:27:39 GMT
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 10:45:07 GMT
server: AmazonS3
age: 72453
etag: W/"10d96600a74303eb0bc6ce2a590591b6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: x9JfbK18nlVPcZZtjxo_Qwz4T0fmIah7eLOLf8AHdl1PZvyehm92Lg==

GET
H2 200 brid.gima.min.js Show response
p.brid.tv/player/build/plugins/gima/1.0.17/ Frame 80BA 82 KB
21 KB 53ms
43ms Script
application/javascript 13.226.145.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/gima/1.0.17/brid.gima.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbf97de499be855419e0f28c82080ec63a65b39c830bd4fcdbfdf7b3fc26051c

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 22:16:27 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 10:18:48 GMT
server: AmazonS3
age: 80324
etag: W/"eeac87fac4fedd456f174b9d6eb3f462"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: XDUla758oFt63m0tGe8q-Jj0CITAE2aO67AFkPAqkfqqDMhjba1ybg==

GET
H2 200 brid.hls.min.js Show response
p.brid.tv/player/build/plugins/hls/1.0.16/ Frame 80BA 342 KB
101 KB 57ms
47ms Script
application/javascript 13.226.145.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/hls/1.0.16/brid.hls.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 762250f67d265d4f2f81cbed449e9ab17feb463a17fde3415c2e5ac683c106ce

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 05:25:07 GMT
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 10:45:08 GMT
server: AmazonS3
age: 75427
etag: W/"0b9417d82c684b6948ac2d0a9c6da7bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: IC6D8maSzsoH_zd0NUkFppZrJGI1NGdwAABe0Q3BCmz1jBOWl0bcFA==

GET
H2 200 consumable.css
c.brid.tv/live/partners/style/ Frame 80BA 10 KB
2 KB 56ms
50ms Stylesheet
text/css 13.226.145.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.brid.tv/live/partners/style/consumable.css
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77d61926f7acef295665e8bc3705000e21c1a4db847338f5969af47c37822bad

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 07 Feb 2020 07:55:48 GMT
server: AmazonS3
age: 1358170
etag: "b4c80903a0a8c1ef4957058a948f9f2f"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
date: Thu, 22 Jul 2021 19:53:39 GMT
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 1952
x-amz-cf-id: ESD-USbgqjsbKQthE_7cGOD7LFkmw3mXziuE290xlevcizLns69wPg==

GET
H2 200 g3-blue.jpg
cdn.traileraddict.com/content/consumable/ Frame 80BA 14 KB
14 KB 13ms
13ms Image
image/webp 2606:4700:20::ac43:453b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.traileraddict.com/content/consumable/g3-blue.jpg
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:453b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76e5591612f2b00c68824472590a1101ed872ed70cf5a40e8c665dcc5a5abb22

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:11 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 87864
cf-polished: qual=85, origFmt=jpeg, origSize=37489
content-disposition: inline; filename="g3-blue.webp"
content-length: 14520
last-modified: Sun, 06 Dec 2020 19:24:44 GMT
server: cloudflare
etag: "5fcd2ffc-9271"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoxwrWvxb6xs2kmZvZqN18SzT5HZxtLoGhDVaa3UttLiNiWfEeAQ5xBL7%2FD438YY%2FJvZLiMmKt0qZVBkdqiHwOoCs82eVFRjsY5The1VQhZq6TsI54WzAHfhc9Shmh4TjcVIXAx4nK8iCMINsOplHmL5Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Fri, 20 Aug 2021 20:03:40 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 672f743c9de84a74-FRA
cf-bgj: imgq:85,h2pri

GET
H3-29 200 css
fonts.googleapis.com/ Frame 80BA 708 B
366 B 24ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato&display=swap

Requested by

Host: c.brid.tv
URL: https://c.brid.tv/live/partners/style/consumable.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b21d7945f9a9e83d3218aa05a9a97c91d0db52e4682e6392dac56496134ce2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://c.brid.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 19:56:29 GMT
server: ESF
date: Thu, 22 Jul 2021 20:35:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Jul 2021 20:35:11 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 80BA 23 KB
23 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.newschannel5.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 00:16:41 GMT
x-content-type-options: nosniff
age: 245910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 00:16:41 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 80BA 340 KB
117 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119631
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:11 GMT

GET
H2 200 ping.gif
stats-dev.brid.tv/ Frame 80BA 0
347 B 77ms
23ms Image
image/gif 13.224.193.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=13841&pr=p&b=c&pid=17750&s=450|250&apa=0&df=0&os=l&m=0&ow=14722&e=l
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-116.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 03:24:34 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 142337
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: FmRfP-7Xs_U_bmjXSkmNgOY5WE-Pz1037qH2nSlji0PsSb7wizHy1w==

GET
H2 200 ping.gif
stats-dev.brid.tv/ Frame 80BA 0
347 B 49ms
24ms Image
image/gif 13.224.193.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=13841&pr=p&b=c&pid=17750&s=450|250&os=l&m=0&apa=0&df=0&ow=14722&id=undefined&pub=p&e=r&aid=0&par=i&pp=0&wp=0&at=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-116.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 03:24:34 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 142337
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: rIJlITP-xDpxJyIuv3TlQXA4KOLRylgwv-lW28W54V1ckbs2IKgf6g==

GET
H2 200 brid.parser.min.js Show response
p.brid.tv/player/build/plugins/parser/1.1.58/ Frame 80BA 81 KB
23 KB 27ms
27ms Script
application/javascript 13.226.145.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/parser/1.1.58/brid.parser.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6322feb5482d67ef0fd9ee7b54d6352bdbc6b79524ba7f99b3a1fd939b893eee

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 22:16:36 GMT
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 10:45:08 GMT
server: AmazonS3
age: 80316
etag: W/"aa4cf9bc0a057132724f62411aca27f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, immutable
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: vi2oI20QoXoYP-C09FWZNup_Vk0pe3LKiQXAetHCkLd5zG_GDrhWWg==

GET
H3-29 200 bridge3.472.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D2F0 578 KB
190 KB 22ms
8ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.472.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194367
date: Fri, 16 Jul 2021 07:35:00 GMT
expires: Sat, 16 Jul 2022 07:35:00 GMT
last-modified: Fri, 16 Jul 2021 07:29:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 565211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 80BA 44 KB
17 KB 38ms
14ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Thu, 22 Jul 2021 20:35:11 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.be/adsid/ Frame 80BA 107 B
122 B 30ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.newschannel5.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 80BA 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newschannel5.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3B13 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 19:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 22 Jul 2021 20:40:19 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D2F0 16 KB
3 KB 162ms
161ms XHR
text/xml 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&correlator=4184947953885766&sz=640x480&url=https%3A%2F%2Fwww.newschannel5.com%2F&description_url=https%3A%2F%2Fwww.newschannel5.com%2F&iu=%2F133810016%2FScripps%2Fscripps-8580-cnsmbl-video-970x250-dr-d&cust_params=hb_uuid%3Dundefined%26hb_cache_id%3Dundefined&vpa=auto&vpmute=1&vconp=1&sdkv=h.3.472.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&mpt=brid-player&mpv=2.7.18&sdki=44d&adk=2842492851&sdk_apis=2%2C7%2C8&sid=34249F2D-5ED1-47A0-BD44-11B00EB11614&eid=44726392&dt=1626986111867&cookie=ID%3D102da46f89937e98%3AT%3D1626986110%3AS%3DALNI_MZxyCdwtI_1PSz86BuJ8ciPCEUuNQ&scor=1348987688532714&ged=ve4_td2_tt0_pd2_la2000_er1598.420.1748.720_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

3b17c629474524ac98512b9840adadc7f725e65713252881805346e5d147d47a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2988
x-xss-protection: 0
google-lineitem-id: 5744188968
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138357011376
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AEB0 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyDj-oPjFKIV1bJpItYieT-LK3g5r_kfBEwfRsCZebWZfMgnNjt7QVWLohogwnuBuGJp9DaBBmafDX_deHMoej9LDmQRlGKeQQeLFkCVCQ1lE3&sai=AMfl-YSbvo3yfGhGxCKA6iWaOgEbhmG9-Dzn7BczL7K3PfmEKZ3nX0_kmv6ov_VZa0WE5AJ1qu17UOwbXHRcCwJ3s2f5Dzos6eQ1BzAkgwRYwbqoTOEE0EHJdXXowe-pEh3i&sig=Cg0ArKJSzAvFz9pRMB2iEAE&cid=CAASFeRoo5DoZlpqbwYlWE2h_5DVvLXa1w&id=lidar2&mcvt=1003&p=1106,436,1196,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210719&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1304723128&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626986109143&dlt=21&rpt=1783&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET v1
prebid.digitru.st/id/ Frame 80BA 0
0

POST
H2 204 csi
csi.gstatic.com/ Frame D2F0 0
339 B 280ms
99ms Ping
image/gif 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~krfdiudp&c=8247036298247&slotId=4123518149123.5&qqid=CIu5hMrD9_ECFZs04AodGMsKWw&gqid=f9b5YLebNuaox_AP9J2JiAE&fb=ima_html5-lima&sdkv=h.3.472.0&ppt=brid-player&ppv=2.7.18&mrd=8&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=3&vhc=0&ghmsh_eids=44726392
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D2F0 0
25 B 165ms
165ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuplBrkrEUWk-WZsZnUZ0R9_WIcvQ5KSexHrndky7uRqWqTSR61ZWf_YfB4JX3zkneVqpgb05YZ_BPm6_V0MupQkDN4pYvWw8VKEFatNW7c8WQXkEiteLUHO5ucc4sVGz01Y1zA2TRt3mLxZbeH4HTbAp8sWwuy03GOyitUPoHLctAXbSakhOf978RQ0dccXIcq35eHWM1C47jUFnP7YPzjVJP1DSo18RSXSUqpJtoZ5QRrE8nyWuLlNdFCqeHzf505UMSTSIcZo10Z2-ZcVhWjtsu42xTlE9cWj7lQcrRrr7duYvlQ019vOm43VDVVr6oLsNp4Tr6pFd15yX6swSs5ervg02F7qsYNW24TV8_G15OyDsI&sig=Cg0ArKJSzBtA3fa3twCZEAE&sdkv=h.3.472.0&vci=CnAIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDQxODg5NjgyDDEzODM1NzAxMTM3NkCnAVInCGMQDyUAAPBBKAE6C01WWmgyZmJMMnhvQgtnb29nbGV2aWRlb1AAGAE.&adurl=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 22 Jul 2021 20:35:12 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 80BA 0
45 B 234ms
100ms Ping
image/gif 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~krfdiu9m&c=8247036298247&slotId=4123518149123.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:12 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content Global_Unplug_Banner_320x50_rev.mp4
s3.amazonaws.com/yummy.consumable.com/ads4change/ Frame 80BA 125 KB
125 KB 796ms
467ms Media
video/mp4 52.217.42.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/yummy.consumable.com/ads4change/Global_Unplug_Banner_320x50_rev.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.42.174 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a1e999ac24b93c0839b437900983deeb5916ca65fefa3c7ea71f062cb3f9e3eb

Request headers

Referer: https://www.newschannel5.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 22 Jul 2021 20:35:13 GMT
Last-Modified: Wed, 21 Jul 2021 17:56:17 GMT
Server: AmazonS3
x-amz-request-id: 1VV9G034NZH1PMG4
ETag: "a4da55ecf8d0ebc161fb46b673efed82"
Content-Type: video/mp4
Content-Range: bytes 0-127612/127613
Accept-Ranges: bytes
Content-Length: 127613
x-amz-id-2: 1ZfOmlVm3RFal+VxXt9eDkw+dm8RY8wfI+gDY+2dbdIibxsoQVXV2HmPyRlM6JgrAB6AQp7DcSI=

GET
H/1.1 200
OK viewability Show response
hal90005.redintelligence.net/ Frame 7607 0
150 B 301ms
246ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/viewability?s=80012300171879700628834011663005&a=85e4a0cb&vb=v
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=80012300171879700628834011663005&a=279a9418
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal90005.redintelligence.net/request_content.php?s=80012300171879700628834011663005&a=279a9418
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:12 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H3-29 204 csi
csi.gstatic.com/ Frame D2F0 0
17 B 189ms
98ms Ping
image/gif 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~krfdiuka&c=8247036298247&slotId=4123518149123.5&qqid=CIu5hMrD9_ECFZs04AodGMsKWw&gqid=f9b5YLebNuaox_AP9J2JiAE&fb=ima_html5-lima&sdkv=h.3.472.0&ppt=brid-player&ppv=2.7.18&mrd=8&aab=1&itv=1&gpm_i=3&gpm_c=3&gpm_a=3&smb=250&br=99&mt=video%2Fmp4&vs=320x108&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_en.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame D2F0 42 B
350 B 38ms
36ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D2F0 0
26 B 61ms
59ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstshGLLJI7zD-l-7NRM9OAdajrYsYLpV3p332yeSGUnGIjdanmNVE2NJ0CfRo3kqjjMCMUhoQUfZzrkyT_Z04XtAiHe5SqPvB9WZFoz1ADSWcTShPcmhmmAABgv6TCgwtHKn6sf8IW0E_m27rMtNsyigoJxGq2zSQgooGHcQFqoA7mXB1A_TeDMXm8WRZ5kvBtH0rxxuImpbSxx1eaTErwHVe8JvC95ZH7UL2LDJBBBpjqiLpD37k7B9Nd6Wf5_HNUVr0UQ9HLTSndG5lLXqdPLA3k79s57eko1ZlunxJVeWWAS3vngYC6lA1snqj7hGiuQYN-QVIt307cTOpcSr9hGvUvQeENUhGEQ4vlDR7f-6t4m&sig=Cg0ArKJSzHLQix1auxM4EAE&sdkv=h.3.472.0&adurl=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Jul 2021 20:35:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 22 Jul 2021 20:35:13 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame D2F0 42 B
336 B 49ms
47ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8XDJf9b5YMv9NpvpgAeYlqvYBeeQ_INGAAAAEAEg0NnBNDgAWLDn4bWDBGC5-MeA3AGyARR3d3cubmV3c2NoYW5uZWw1LmNvbboBCzQ0NHgyNTBfeG1syAEF2gEdaHR0cHM6Ly93d3cubmV3c2NoYW5uZWw1LmNvbS_AAgLgAgDqAjkvMTMzODEwMDE2L1NjcmlwcHMvc2NyaXBwcy04NTgwLWNuc21ibC12aWRlby05NzB4MjUwLWRyLWT4AoLSHpADyAaYA-ADqAMB0ASQTuAEAdIFBhCovIWzFZAGAaAGI6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHAeAHH9IICQiA4YAQEAEYHdgIAoAKBZgLAdAVAYAXAQ&sigh=wyejRaoXBio&label=vast_creativeview&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1598,420,1848,870%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10051%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D301%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D552910913%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626986113033%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1626986112120&sdkv=h.3.472.0&vci=CnMIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDQxODg5NjgyDDEzODM1NzAxMTM3NkCnAVIqCGMQDyUAAPBBKAE6C01WWmgyZmJMMnhvQgtnb29nbGV2aWRlb0i8B1AAGAE.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame D2F0 42 B
336 B 48ms
46ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8XDJf9b5YMv9NpvpgAeYlqvYBeeQ_INGAAAAEAEg0NnBNDgAWLDn4bWDBGC5-MeA3AGyARR3d3cubmV3c2NoYW5uZWw1LmNvbboBCzQ0NHgyNTBfeG1syAEF2gEdaHR0cHM6Ly93d3cubmV3c2NoYW5uZWw1LmNvbS_AAgLgAgDqAjkvMTMzODEwMDE2L1NjcmlwcHMvc2NyaXBwcy04NTgwLWNuc21ibC12aWRlby05NzB4MjUwLWRyLWT4AoLSHpADyAaYA-ADqAMB0ASQTuAEAdIFBhCovIWzFZAGAaAGI6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHAeAHH9IICQiA4YAQEAEYHdgIAoAKBZgLAdAVAYAXAQ&sigh=wyejRaoXBio&label=videoautoplayed&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1598,420,1848,870%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10051%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D301%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D552910913%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626986113033%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1626986112120&sdkv=h.3.472.0&vci=CnMIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDQxODg5NjgyDDEzODM1NzAxMTM3NkCnAVIqCGMQDyUAAPBBKAE6C01WWmgyZmJMMnhvQgtnb29nbGV2aWRlb0i8B1AAGAE.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D2F0 42 B
113 B 41ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqPc6RM8vx1uzCTeqMIOANIJGcnql-KCLgnM5sR14rKxf3NnXl0x0TbYSHP0nV-CeJBrCaFZ3Ra5c3p5x4kC5LTDjYjiCHI7Zrq3g2b9Nftkr2lP6H&sig=Cg0ArKJSzDsxhuUW-hl4EAE&id=lidarv&acvw=sv%3D900%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1598,420,1848,870%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10051%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D301%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D552910913%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626986113035%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1626986112120&avm=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame D2F0 42 B
336 B 49ms
48ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8XDJf9b5YMv9NpvpgAeYlqvYBeeQ_INGAAAAEAEg0NnBNDgAWLDn4bWDBGC5-MeA3AGyARR3d3cubmV3c2NoYW5uZWw1LmNvbboBCzQ0NHgyNTBfeG1syAEF2gEdaHR0cHM6Ly93d3cubmV3c2NoYW5uZWw1LmNvbS_AAgLgAgDqAjkvMTMzODEwMDE2L1NjcmlwcHMvc2NyaXBwcy04NTgwLWNuc21ibC12aWRlby05NzB4MjUwLWRyLWT4AoLSHpADyAaYA-ADqAMB0ASQTuAEAdIFBhCovIWzFZAGAaAGI6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHAeAHH9IICQiA4YAQEAEYHdgIAoAKBZgLAdAVAYAXAQ&sigh=wyejRaoXBio&label=part2viewed&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1598,420,1848,870%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10051%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D301%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D552910913%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626986113038%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1626986112120&sdkv=h.3.472.0&vci=CnMIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDQxODg5NjgyDDEzODM1NzAxMTM3NkCnAVIqCGMQDyUAAPBBKAE6C01WWmgyZmJMMnhvQgtnb29nbGV2aWRlb0i8B1AAGAE.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame D2F0 42 B
335 B 48ms
47ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8XDJf9b5YMv9NpvpgAeYlqvYBeeQ_INGAAAAEAEg0NnBNDgAWLDn4bWDBGC5-MeA3AGyARR3d3cubmV3c2NoYW5uZWw1LmNvbboBCzQ0NHgyNTBfeG1syAEF2gEdaHR0cHM6Ly93d3cubmV3c2NoYW5uZWw1LmNvbS_AAgLgAgDqAjkvMTMzODEwMDE2L1NjcmlwcHMvc2NyaXBwcy04NTgwLWNuc21ibC12aWRlby05NzB4MjUwLWRyLWT4AoLSHpADyAaYA-ADqAMB0ASQTuAEAdIFBhCovIWzFZAGAaAGI6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHAeAHH9IICQiA4YAQEAEYHdgIAoAKBZgLAdAVAYAXAQ&sigh=wyejRaoXBio&label=admute&ad_mt=0&acvw=sv%3D900%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1598,420,1848,870%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D17%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D17%26pst%3D-1%26dur%3D10051%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D17%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D301%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D552910913%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626986113044%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1626986112120&sdkv=h.3.472.0&vci=CnMIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDQxODg5NjgyDDEzODM1NzAxMTM3NkCnAVIqCGMQDyUAAPBBKAE6C01WWmgyZmJMMnhvQgtnb29nbGV2aWRlb0i8B1AAGAE.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping.gif
stats-dev.brid.tv/ Frame 80BA 0
347 B 22ms
22ms Image
image/gif 13.224.193.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=13841&pr=p&b=c&pid=17750&s=450|250&os=l&m=0&apa=0&df=0&ow=14722&id=undefined&pub=p&e=i&aid=0&par=i&pp=0&wp=0&at=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-116.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 03:24:34 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 142339
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: J7ZbJTEO-o09u3pHQDQhOIFA1t92zdAVjUlNzpyHM68MYBHtL4twYg==

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame D2F0 42 B
64 B 84ms
84ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

2000248.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame BF7A
Redirect Chain

https://sync.serverbid.com/ss/2000248.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

4 KB
5 KB

105ms
27ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/8766/cnsmbl-container-300x250-ads/widget/iframe.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newschannel5.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

Date: Thu, 22 Jul 2021 20:35:14 GMT
Connection: Keep-Alive
Cache-Control: max-age=70798
Content-Length: 4376
Content-Type: text/html
Last-Modified: Thu, 31 Jan 2019 14:12:06 GMT
Accept-Ranges: bytes
etag: "8ca299ba400101b6642362a2bceff771"
x-amz-request-id: tx00000000000000996293c-0060f99990-536268f-nyc3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 10
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1626986114.dop145.fr8.t,1626986114.cds290.fr8.shn,1626986114.dop145.fr8.t,1626986114.cds267.fr8.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
cache-control: no-cache

GET
H2

200

pd Show response
u.openx.net/w/1.0/ Frame E621
Redirect Chain

https://u.openx.net/w/1.0/pd
https://u.openx.net/w/1.0/pd?cc=1

668 B
732 B

26ms
25ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: f25c6bc5c52be9862b8206b499eacbcb0f8036d40b706e91140598e43b5250cc

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=9a927551-6fe7-4748-9ebc-d6d4cfc80857|1626986113
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=9a927551-6fe7-4748-9ebc-d6d4cfc80857|1626986113; Version=1; Expires=Fri, 22-Jul-2022 20:35:13 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1626986113|gekin0vNiygu; Version=1; Expires=Fri, 06-Aug-2021 20:35:13 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.211.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 22 Jul 2021 20:35:13 GMT
content-type: text/html
content-length: 419
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

set-cookie: i=9a927551-6fe7-4748-9ebc-d6d4cfc80857|1626986113; Version=1; Expires=Fri, 22-Jul-2022 20:35:13 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.211.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1
date: Thu, 22 Jul 2021 20:35:13 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 605F 281 B
554 B 67ms
21ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newschannel5.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 22 Jul 2021 20:35:13 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 50FE 926 B
1 KB 99ms
30ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host: biddr.brealtime.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newschannel5.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

Date: Thu, 22 Jul 2021 20:35:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: TbU7+yzfDH91yM7VEhnmJ9E9h3lSNIMTdpc6Bvd6SS2kV+U2BANWAwb92QDmUbs8n2XpkbFT7eo=
x-amz-request-id: 6ABKPVGKJW10GS23
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 4552
Expires: Thu, 22 Jul 2021 20:36:13 GMT
Cache-Control: public, max-age=60
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 672f744b6cbbfa8c-AMS
Content-Encoding: gzip

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0A37 38 KB
14 KB 95ms
27ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=50735
expires: Fri, 23 Jul 2021 10:40:48 GMT
date: Thu, 22 Jul 2021 20:35:13 GMT
vary: Accept-Encoding

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E621
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c0f260f9-d681-4f00-80e2-2355ed0e98c3

43 B
106 B

31ms
28ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c0f260f9-d681-4f00-80e2-2355ed0e98c3
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 22 Jul 2021 20:35:13 GMT
Server: MT3 3810 5cb7d7e master zrh-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=c0f260f9-d681-4f00-80e2-2355ed0e98c3
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 22 Jul 2021 20:35:12 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E621
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=J9M0rHXVaqQ8gDOsdYV_8HDWYaQ81zSlc9PJ2lhL

43 B
122 B

28ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=J9M0rHXVaqQ8gDOsdYV_8HDWYaQ81zSlc9PJ2lhL
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=J9M0rHXVaqQ8gDOsdYV_8HDWYaQ81zSlc9PJ2lhL
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame E621
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4864547998687448043

43 B
106 B

25ms
25ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4864547998687448043
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4864547998687448043
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame E621 70 B
265 B 236ms
37ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=493e4a08-c660-78bf-c46a-1e3cabef3baa&gdpr=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E621
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjU1MTk5YzItMGYxNy0yNjFiLWQxOGEtNDQ4NTYxMGRmNWNh
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjU1MTk5YzItMGYxNy0yNjFiLWQxOGEtNDQ4NTYxMGRmNWNh&google_tc=

170 B
188 B

33ms
33ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjU1MTk5YzItMGYxNy0yNjFiLWQxOGEtNDQ4NTYxMGRmNWNh&google_tc=

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjU1MTk5YzItMGYxNy0yNjFiLWQxOGEtNDQ4NTYxMGRmNWNh&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E621
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENeiFcNE_41PnRR9HFZ_V8A&google_cver=1

43 B
106 B

33ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENeiFcNE_41PnRR9HFZ_V8A&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENeiFcNE_41PnRR9HFZ_V8A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 605F 31 KB
10 KB 24ms
24ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=85778
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Fri, 23 Jul 2021 20:24:51 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0A37 5 KB
6 KB 86ms
36ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12998911&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 43b570b2841b5a0e9a52c7dc9398810e603a9e5f7743c84302175dd2fdc83333

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:12 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 605F 284 B
536 B 162ms
33ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 5F68
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=37634BDC-85F3-40B5-A55A-23702C5E64EF
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=37634BDC-85F3-40B5-A55A-23702C5E64EF

35 B
476 B

32ms
31ms

Document
image/gif

37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=37634BDC-85F3-40B5-A55A-23702C5E64EF

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?CC=1&party=14&cid=37634BDC-85F3-40B5-A55A-23702C5E64EF
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 22 Jul 2021 20:35:14 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=2992641429296051074; expires=Mon, 20 Sep 2021 20:35:14 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=37634BDC-85F3-40B5-A55A-23702C5E64EF
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: C=1; expires=Sun, 22 Aug 2021 20:35:14 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

adx Show response
match.prod.bidr.io/cookie-sync/ Frame 2987
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBRXBVN0I4NjBBQUY1ajk4MlJpdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

43 B
430 B

39ms
38ms

Document
image/gif

52.17.245.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.245.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-245-120.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bito=AAAEpU7B860AAF5j982Riw; bitoIsSecure=ok
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Thu, 22 Jul 2021 20:35:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date: Thu, 22 Jul 2021 20:35:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 3B1C 43 B
338 B 278ms
19ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Thu, 22 Jul 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1060
date: Thu, 22 Jul 2021 20:35:13 GMT
content-length: 43

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A51B
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6205364629
https://sync.1rx.io/usersync/tradedesk/9f3a9903-3a62-4f51-b214-f743430ace4a
https://sync.targeting.unrulymedia.com/csync/RX-efbf2052-5817-496a-8c5a-f3d45fb05b73-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-efbf2052-5817-496a-8c5a-f3d45fb05b73-003

42 B
425 B

26ms
25ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-efbf2052-5817-496a-8c5a-f3d45fb05b73-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-efbf2052-5817-496a-8c5a-f3d45fb05b73-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=37634BDC-85F3-40B5-A55A-23702C5E64EF; chkChromeAb67Sec=1; DPSync3=1627516800%3A164%7C1626998400%3A174%7C1628121600%3A201_197; SyncRTB3=1627776000%3A63%7C1627344000%3A216%7C1628121600%3A21_178_99_233_22_55_165_176_7_48_8_54_166_5_3_104_56_13_71_57_220_231_189%7C1628208000%3A35%7C1627516800%3A38_223_2_15; PUBMDCID=3; KRTBCOOKIE_57=22776-911211800664970267; PugT=1626986114; KRTBCOOKIE_80=22987-CAESEOIxSE_MO0F6-n1eT04tLOU&KRTB&16514-CAESEOIxSE_MO0F6-n1eT04tLOU&KRTB&23025-CAESEOIxSE_MO0F6-n1eT04tLOU; SPugT=1626969881; KRTBCOOKIE_27=16735-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&KRTB&16736-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&KRTB&23019-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&KRTB&23114-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3; KRTBCOOKIE_377=6810-9f3a9903-3a62-4f51-b214-f743430ace4a&KRTB&22918-9f3a9903-3a62-4f51-b214-f743430ace4a&KRTB&23031-9f3a9903-3a62-4f51-b214-f743430ace4a; KRTBCOOKIE_107=1471-uid:2QFvl9Sh1M6Fpw5; KRTBCOOKIE_153=19420-UmMSqgBlTKJJMBWqADVZ9gVmR6JJZxKjBmP9xIAf&KRTB&22979-UmMSqgBlTKJJMBWqADVZ9gVmR6JJZxKjBmP9xIAf; KRTBCOOKIE_22=14911-3477478560383924954; KRTBCOOKIE_1074=22956-e_3c1cb202-dce1-4e65-bcd9-b084e3a76081; KRTBCOOKIE_218=22978-YPnWggADATn9YAAC&KRTB&23194-YPnWggADATn9YAAC&KRTB&23209-YPnWggADATn9YAAC&KRTB&23244-YPnWggADATn9YAAC; KRTBCOOKIE_391=22924-3748493476250715673&KRTB&23263-3748493476250715673; KRTBCOOKIE_860=16335-IWf420PTRdhrCzsTp7YIiE3zv_Q; KRTBCOOKIE_699=22727-AAAEpU7B860AAF5j982Riw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 22 Jul 2021 20:35:15 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_594=17105-RX-efbf2052-5817-496a-8c5a-f3d45fb05b73-003&KRTB&17107-RX-efbf2052-5817-496a-8c5a-f3d45fb05b73-003; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 20-Oct-2021 20:35:15 GMT; path=/ PugT=1626986115; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 21-Aug-2021 20:35:15 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 20-Oct-2021 20:35:15 GMT; path=/
x-lat: lhrpug011:0:431
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Thu, 22 Jul 2021 20:35:15 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-efbf2052-5817-496a-8c5a-f3d45fb05b73-003%22%7D; path=/; expires=Fri, 22 Jul 2022 20:35:15 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-efbf2052-5817-496a-8c5a-f3d45fb05b73-003
etag: RXefbf20525817496a8c5af3d45fb05b73003

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame E7EE 0
44 B 6539ms
4544ms Document
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Thu, 22 Jul 2021 20:35:19 GMT
server: b

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame F4FC 43 B
408 B 68ms
20ms Document
image/gif 173.231.180.197
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS: ams-delivery-4.sys.adgear.com
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Thu, 22 Jul 2021 20:35:14 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-1
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

noop Show response
px.owneriq.net/ Frame 5D54
Redirect Chain

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

31ms
28ms

Document
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: px.owneriq.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 0
Content-Type: image/gif
Date: Thu, 22 Jul 2021 20:35:14 GMT
Connection: keep-alive

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Thu, 22 Jul 2021 20:35:14 GMT
Connection: keep-alive

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame C8E6
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
411 B

162ms
160ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=asnoeUxZduBnRApTpsha97NwFawQtPabacM63y1T9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=ahnseFm5ab7AyuoCUkE2a1SWbjBxXUF3a0ytZdBicdxR8jw2o6Oup9e7C3NZbW899fhwCNEhSpTmOgQO8nyW4I; path=/; domain=.tribalfusion.com; expires=Wed, 20-Oct-2021 20:35:14 GMT; SameSite=None; Secure; ANON_ID_old=ahnseFm5ab7AyuoCUkE2a1SWbjBxXUF3a0ytZdBicdxR8jw2o6Oup9e7C3NZbW899fhwCNEhSpTmOgQO8nyW4I; path=/; domain=.tribalfusion.com; expires=Wed, 20-Oct-2021 20:35:14 GMT;
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 672f744dba934e92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 1236
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=asnoeUxZduBnRApTpsha97NwFawQtPabacM63y1T9; path=/; domain=.tribalfusion.com; expires=Wed, 20-Oct-2021 20:35:14 GMT; SameSite=None; Secure; ANON_ID_old=asnoeUxZduBnRApTpsha97NwFawQtPabacM63y1T9; path=/; domain=.tribalfusion.com; expires=Wed, 20-Oct-2021 20:35:14 GMT;
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 672f744c9fe24e92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1 200
OK usersync Show response
match.bnmla.com/ Frame 409F 0
114 B 1421ms
1213ms Document
text/plain 38.27.122.101
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.101 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: match.bnmla.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Thu, 22 Jul 2021 20:35:15 GMT
Content-Length: 0
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 10AD
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IWf420PTRdhrCzsTp7YIiE3zv_Q

42 B
219 B

25ms
24ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IWf420PTRdhrCzsTp7YIiE3zv_Q
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IWf420PTRdhrCzsTp7YIiE3zv_Q
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=37634BDC-85F3-40B5-A55A-23702C5E64EF; chkChromeAb67Sec=1; DPSync3=1627516800%3A164%7C1626998400%3A174%7C1628121600%3A201_197; SyncRTB3=1627776000%3A63%7C1627344000%3A216%7C1628121600%3A21_178_99_233_22_55_165_176_7_48_8_54_166_5_3_104_56_13_71_57_220_231_189%7C1628208000%3A35%7C1627516800%3A38_223_2_15; PUBMDCID=3; KRTBCOOKIE_57=22776-911211800664970267; PugT=1626986114; KRTBCOOKIE_80=22987-CAESEOIxSE_MO0F6-n1eT04tLOU&KRTB&16514-CAESEOIxSE_MO0F6-n1eT04tLOU&KRTB&23025-CAESEOIxSE_MO0F6-n1eT04tLOU; SPugT=1626969881; KRTBCOOKIE_27=16735-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&KRTB&16736-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&KRTB&23019-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&KRTB&23114-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3; KRTBCOOKIE_377=6810-9f3a9903-3a62-4f51-b214-f743430ace4a&KRTB&22918-9f3a9903-3a62-4f51-b214-f743430ace4a&KRTB&23031-9f3a9903-3a62-4f51-b214-f743430ace4a; KRTBCOOKIE_107=1471-uid:2QFvl9Sh1M6Fpw5; KRTBCOOKIE_153=19420-UmMSqgBlTKJJMBWqADVZ9gVmR6JJZxKjBmP9xIAf&KRTB&22979-UmMSqgBlTKJJMBWqADVZ9gVmR6JJZxKjBmP9xIAf; KRTBCOOKIE_22=14911-3477478560383924954; KRTBCOOKIE_1074=22956-e_3c1cb202-dce1-4e65-bcd9-b084e3a76081; KRTBCOOKIE_218=22978-YPnWggADATn9YAAC&KRTB&23194-YPnWggADATn9YAAC&KRTB&23209-YPnWggADATn9YAAC&KRTB&23244-YPnWggADATn9YAAC; KRTBCOOKIE_391=22924-3748493476250715673&KRTB&23263-3748493476250715673
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 22 Jul 2021 20:35:14 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_860=16335-IWf420PTRdhrCzsTp7YIiE3zv_Q; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 20-Oct-2021 20:35:14 GMT; path=/ PugT=1626986114; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 21-Aug-2021 20:35:14 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 20-Oct-2021 20:35:14 GMT; path=/
x-lat: lhrpug007:0:456
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Thu, 22 Jul 2021 20:35:14 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IWf420PTRdhrCzsTp7YIiE3zv_Q
Set-Cookie: sa-user-id=s%3A0-2167f8db-43d3-45d8-6b0b-3b13a7b60888.0jZLus5Nsgy4f5%2BHAW6XJiVL4NFm%2FPYei6MHElTXtk4; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-2167f8db-43d3-45d8-6b0b-3b13a7b60888%24ip%2477.243.191.244.i%2Fr%2FfCmJpSpODh4XLV8lcnwXA4oaIIw5YOx32FQuhRY; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 159
Connection: keep-alive

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0D0A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2QFvl9Sh1M6Fpw5&gdpr=0&gdpr_consent=

42 B
210 B

25ms
25ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2QFvl9Sh1M6Fpw5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2QFvl9Sh1M6Fpw5&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KADUSERCOOKIE=37634BDC-85F3-40B5-A55A-23702C5E64EF; chkChromeAb67Sec=1; DPSync3=1627516800%3A164%7C1626998400%3A174%7C1628121600%3A201_197; SyncRTB3=1627776000%3A63%7C1627344000%3A216%7C1628121600%3A21_178_99_233_22_55_165_176_7_48_8_54_166_5_3_104_56_13_71_57_220_231_189%7C1628208000%3A35%7C1627516800%3A38_223_2_15; PUBMDCID=3; KRTBCOOKIE_57=22776-911211800664970267; PugT=1626986114; KRTBCOOKIE_80=22987-CAESEOIxSE_MO0F6-n1eT04tLOU&KRTB&16514-CAESEOIxSE_MO0F6-n1eT04tLOU&KRTB&23025-CAESEOIxSE_MO0F6-n1eT04tLOU; SPugT=1626969881; KRTBCOOKIE_27=16735-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&KRTB&16736-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&KRTB&23019-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&KRTB&23114-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3; KRTBCOOKIE_377=6810-9f3a9903-3a62-4f51-b214-f743430ace4a&KRTB&22918-9f3a9903-3a62-4f51-b214-f743430ace4a&KRTB&23031-9f3a9903-3a62-4f51-b214-f743430ace4a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 22 Jul 2021 20:35:14 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_107=1471-uid:2QFvl9Sh1M6Fpw5; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 20-Oct-2021 20:35:14 GMT; path=/ PugT=1626986114; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 21-Aug-2021 20:35:14 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 20-Oct-2021 20:35:14 GMT; path=/
x-lat: lhrpug010:0:385
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Cache-Control: no-cache, must-revalidate
Date: Thu, 22 Jul 2021 20:35:13 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:2QFvl9Sh1M6Fpw5&gdpr=0&gdpr_consent=
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma: no-cache
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-01574fb08bde3815a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie: wfivefivec=2QFvl9Sh1M6Fpw5; Domain=.w55c.net; Expires=Mon, 22-Aug-2022 20:35:14 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sat, 21-Aug-2021 20:35:14 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security: max-age=604800; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0A37
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=N2NL3IXzQLWlWiNwLF5k7w%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

32ms
32ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=52880
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Fri, 23 Jul 2021 11:16:34 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 420486.gif
idsync.rlcdn.com/ Frame 0A37 0
66 B 70ms
23ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420486.gif?partner_uid=37634BDC-85F3-40B5-A55A-23702C5E64EF
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 0A37
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c0f260f9-d681-4f00-80e2-2355ed0e98c3

0
260 B

80ms
29ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c0f260f9-d681-4f00-80e2-2355ed0e98c3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 16:04:41 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 22 Jul 2021 20:35:13 GMT
Server: MT3 3810 5cb7d7e master zrh-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=c0f260f9-d681-4f00-80e2-2355ed0e98c3
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 22 Jul 2021 20:35:12 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0A37
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Mzc2MzRCREMtODVGMy00MEI1LUE1NUEtMjM3MDJDNUU2NEVG&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
341 B

76ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:385
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0A37
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOIxSE_MO0F6-n1eT04tLOU&google_cver=1

42 B
281 B

77ms
26ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOIxSE_MO0F6-n1eT04tLOU&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:512
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOIxSE_MO0F6-n1eT04tLOU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 0A37 43 B
609 B 103ms
24ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 21 Jul 2021 20:35:14 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0A37
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3477478560383924954&gdpr=0&gdpr_consent=&us_privacy=

1 B
187 B

27ms
24ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3477478560383924954&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug013:0:449
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3477478560383924954&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0A37
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPnWggADATn9YAAC&gdpr=0&gdpr_consent=&_test=YPnWggADATn9YAAC

1 B
236 B

25ms
25ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPnWggADATn9YAAC&gdpr=0&gdpr_consent=&_test=YPnWggADATn9YAAC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:273
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1626986114.211025,VS0,VE0
x-served-by: cache-fra19174-FRA
x-cache: HIT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPnWggADATn9YAAC&gdpr=0&gdpr_consent=&_test=YPnWggADATn9YAAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0A37
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9f3a9903-3a62-4f51-b214-f743430ace4a

42 B
293 B

26ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9f3a9903-3a62-4f51-b214-f743430ace4a
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug012:0:493
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9f3a9903-3a62-4f51-b214-f743430ace4a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0A37
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&gdpr=0&gdpr_consent=

42 B
338 B

42ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug011:0:520
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 22 Jul 2021 20:35:13 GMT
Server: MT3 3810 5cb7d7e master zrh-pixel-x2
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 22 Jul 2021 20:35:12 GMT

GET
H2 200 37634BDC-85F3-40B5-A55A-23702C5E64EF
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0A37 43 B
840 B 123ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/37634BDC-85F3-40B5-A55A-23702C5E64EF?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 0A37
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=37634BDC-85F3-40B5-A55A-23702C5E64EF&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=37634BDC-85F3-40B5-A55A-23702C5E64EF&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-QR9JFzxE2uULZFUctCOjpu9HBCUDni8-~A&gdpr=0&gdpr_consent=

0
128 B

245ms
245ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-QR9JFzxE2uULZFUctCOjpu9HBCUDni8-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 16:04:19 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 22 Jul 2021 20:35:21 GMT
Server: ATS/7.1.2.128
Age: 2
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-QR9JFzxE2uULZFUctCOjpu9HBCUDni8-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0A37
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=911211800664970267&gdpr=0&gdpr_consent=

42 B
287 B

60ms
25ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=911211800664970267&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug004:0:530
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 711ea79d-644a-48d3-9e06-ceb724440cb8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=911211800664970267&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 0A37 0
104 B 111ms
65ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=37634BDC-85F3-40B5-A55A-23702C5E64EF&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1 200
OK CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 0A37 0
88 B 1444ms
109ms Image
text/plain 52.45.185.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.185.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-185-178.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0A37
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=545f1d4b-eb2c-11eb-a6b2-63bb64799dee&gdpr=0&gdpr_consent=

1 B
372 B

25ms
25ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=545f1d4b-eb2c-11eb-a6b2-63bb64799dee&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:19 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:584
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=545f1d4b-eb2c-11eb-a6b2-63bb64799dee&gdpr=0&gdpr_consent=
Date: Thu, 22 Jul 2021 20:35:18 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 545f1d4c-eb2c-11eb-a6b2-63bb64799dee

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0A37
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UmMSqgBlTKJJMBWqADVZ9gVmR6JJZxKjBmP9xIAf

42 B
275 B

34ms
34ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UmMSqgBlTKJJMBWqADVZ9gVmR6JJZxKjBmP9xIAf
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug015:0:405
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UmMSqgBlTKJJMBWqADVZ9gVmR6JJZxKjBmP9xIAf
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0A37
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
486 B

25ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:17 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:328
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:16 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

sn.ashx
pmp.mxptint.net/ Frame 0A37
Redirect Chain

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B332_E0A2A692_CC4F0505&r=https://pmp.mxptint.net/sn.ashx?ak=1
https://pmp.mxptint.net/sn.ashx?ak=1

43 B
266 B

131ms
131ms

Image
image/gif

204.2.255.233
NTT-COMMUNICATION...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pmp.mxptint.net/sn.ashx?ak=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.2.255.233 , United States, ASN2914 (NTT-COMMUNICATIONS-2914, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=-309972917; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:17 GMT
Cache-Control: no-cache
Expires: -1
Content-Length: 43
Strict-Transport-Security: max-age=-309972917; includeSubDomains
Content-Type: image/gif

Redirect headers

location: https://pmp.mxptint.net/sn.ashx?ak=1
date: Thu, 22 Jul 2021 20:35:17 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug012:0:441
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0A37
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=7794e52c-90cd-45bb-81c4-ee1920df7bd6
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=7794e52c-90cd-45bb-81c4-ee1920df7bd6
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=803a0c18-3488-4b94-b52d-16c5c09808c2&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7794e52c-90cd-45bb-81c4-ee1920df7bd6&gdpr=&gdpr_consent=&gdpr_pd=

1 B
216 B

28ms
28ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7794e52c-90cd-45bb-81c4-ee1920df7bd6&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:19 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:427
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7794e52c-90cd-45bb-81c4-ee1920df7bd6&gdpr=&gdpr_consent=&gdpr_pd=
date: Thu, 22 Jul 2021 20:35:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0A37
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_3c1cb202-dce1-4e65-bcd9-b084e3a76081

42 B
223 B

25ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_3c1cb202-dce1-4e65-bcd9-b084e3a76081
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug007:0:418
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_3c1cb202-dce1-4e65-bcd9-b084e3a76081
date: Thu, 22 Jul 2021 20:35:14 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0A37
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3748493476250715673

42 B
234 B

25ms
24ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3748493476250715673
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:506
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3748493476250715673
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 500
Internal Server Error pubmatic
sync.resetdigital.co/csync/ Frame 0A37 0
0 1919ms
514ms Image
text/html 45.35.192.162
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.resetdigital.co:10001/csync/pubmatic
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.35.192.162 , United States, ASN40676 (AS40676, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 239A
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
554 B

31ms
31ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 22 Jul 2021 20:35:14 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date: Thu, 22 Jul 2021 20:35:14 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame AC29 14 KB
5 KB 35ms
29ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES; KADUSERCOOKIE=37634BDC-85F3-40B5-A55A-23702C5E64EF; chkChromeAb67Sec=1; DPSync3=1627516800%3A164%7C1626998400%3A174%7C1628121600%3A201_197; SyncRTB3=1627776000%3A63%7C1627344000%3A216%7C1628121600%3A21_178_99_233_22_55_165_176_7_48_8_54_166_5_3_104_56_13_71_57_220_231_189%7C1628208000%3A35%7C1627516800%3A38_223_2_15
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=52880
expires: Fri, 23 Jul 2021 11:16:34 GMT
date: Thu, 22 Jul 2021 20:35:14 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 35A7 995 B
1 KB 78ms
23ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=911211800664970267
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 22 Jul 2021 20:35:14 GMT
Age: 6707452
X-Served-By: cache-lga21975-LGA, cache-fra19121-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 11367, 72365
X-Timer: S1626986114.159016,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame BF7A
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=70e0c5c7-7fff-4b56-afe6-de292ab4f927

0
44 B

100ms
99ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=70e0c5c7-7fff-4b56-afe6-de292ab4f927
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=70e0c5c7-7fff-4b56-afe6-de292ab4f927
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 7ng76lu2fkirc3r3ivqq87nrhniad9pu

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame BF7A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=911211800664970267

0
44 B

100ms
99ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=911211800664970267
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 63a26cc3-0289-4f7e-8cc5-16c2e7e9d8ca
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=911211800664970267
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

occ
ups.analytics.yahoo.com/ups/56621/ Frame BF7A
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP5165b390-eb2c-11eb-9e2a-06d1429e0b9a

0
0

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame BF7A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YPnWgphzBhKbJOOvKG.B3QAA%261174

0
44 B

101ms
99ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YPnWgphzBhKbJOOvKG.B3QAA%261174
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YPnWgphzBhKbJOOvKG.B3QAA%261174
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Thu, 22 Jul 2021 20:35:14 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame BF7A
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=b56f2277d350a08c1b650f26

0
44 B

99ms
99ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=b56f2277d350a08c1b650f26
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0

Redirect headers

Date: Thu, 22 Jul 2021 20:35:14 GMT
Server: nginx
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=b56f2277d350a08c1b650f26
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame BF7A 0
474 B 328ms
19ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=

Requested by

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 match
e.serverbid.com/udb/9969/ Frame BF7A 0
44 B 103ms
99ms Image
text/plain 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.8206220552727723%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame 35A7 0
732 B 471ms
25ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ba94f0e5-9565-437a-b912-b47043fd4f9b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 239A 31 KB
10 KB 28ms
27ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=85777
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Fri, 23 Jul 2021 20:24:51 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 239A 284 B
536 B 32ms
32ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H/1.1

200
OK

2000248.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame BF90
Redirect Chain

https://sync.serverbid.com/ss/2000248.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

4 KB
5 KB

21ms
21ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newschannel5.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

Date: Thu, 22 Jul 2021 20:35:14 GMT
Connection: Keep-Alive
Cache-Control: max-age=70798
Content-Length: 4376
Content-Type: text/html
Last-Modified: Thu, 31 Jan 2019 14:12:06 GMT
Accept-Ranges: bytes
etag: "8ca299ba400101b6642362a2bceff771"
x-amz-request-id: tx00000000000000996293c-0060f99990-536268f-nyc3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 10
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1626986114.dop145.fr8.t,1626986114.cds290.fr8.shn,1626986114.dop145.fr8.t,1626986114.cds267.fr8.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
cache-control: no-cache

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame AEF8 0
0 3383ms
119ms Document
text/plain 67.202.110.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d6zqeAByqr67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.24 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-110.static.steadfastdns.net
Software: 33XP004 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=d6zqeAByqr67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

x-33x-status: 2000208
server: 33XP004
date: Thu, 22 Jul 2021 20:35:16 GMT

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 1683
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

40ms
39ms

Document
text/html

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 8619f6475693ab45b894709a076961bc4924e78342f1bacd9a33c6fd2d4f3db8

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?&ld=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=8343693602673078447
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-type: text/html; charset=utf-8
content-length: 478
set-cookie: sync=CgoIgQIQ19q3_6wvCgoIkQIQ19q3_6wvCgoI4gEQ19q3_6wvCgoIkgIQ19q3_6wvCgoI5gEQ19q3_6wvCgoIhwIQ19q3_6wvCgkIOhDX2rf_rC8KCQgLENfat_-sLwoJCF8Q19q3_6wvCgkIHxDX2rf_rC8=; Max-Age=7776000; Expires=Wed, 20 Oct 2021 20:35:14 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=8343693602673078447; Max-Age=7776000; Expires=Wed, 20 Oct 2021 20:35:14 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0
set-cookie: tluid=747869108649161870; Max-Age=7776000; Expires=Wed, 20 Oct 2021 20:35:14 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame EAAA 542 B
656 B 29ms
29ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: ab2369e24b854e8f16e5733a3c40a8a31a72ad4f1904808a28dddfc6c96c838e

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=9a927551-6fe7-4748-9ebc-d6d4cfc80857|1626986113; pd=v2|1626986113|gekin0vNiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=9a927551-6fe7-4748-9ebc-d6d4cfc80857|1626986113; Version=1; Expires=Fri, 22-Jul-2022 20:35:14 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1626986113.1|kiiygevNgun0.gqsLommOnsgi; Version=1; Expires=Fri, 06-Aug-2021 20:35:14 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.211.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 22 Jul 2021 20:35:14 GMT
content-type: text/html
content-length: 340
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 471B 52 KB
17 KB 27ms
23ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newschannel5.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=911211800664970267
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 21 Jul 2021 04:42:55 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 22 Jul 2021 20:35:14 GMT
Age: 57136
X-Served-By: cache-lga13623-LGA, cache-fra19121-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 403670
X-Timer: S1626986114.305627,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FCF6 52 KB
17 KB 56ms
23ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newschannel5.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=911211800664970267
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 21 Jul 2021 04:42:55 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 22 Jul 2021 20:35:14 GMT
Age: 57136
X-Served-By: cache-lga13623-LGA, cache-fra19121-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 403672
X-Timer: S1626986114.335074,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1

200
OK

2000248.html Show response
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 80BA
Redirect Chain

https://sync.serverbid.com/ss/2000248.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

4 KB
5 KB

29ms
29ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newschannel5.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

Date: Thu, 22 Jul 2021 20:35:14 GMT
Connection: Keep-Alive
Cache-Control: max-age=70798
Content-Length: 4376
Content-Type: text/html
Last-Modified: Thu, 31 Jan 2019 14:12:06 GMT
Accept-Ranges: bytes
etag: "8ca299ba400101b6642362a2bceff771"
x-amz-request-id: tx00000000000000996293c-0060f99990-536268f-nyc3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 10
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1626986114.dop145.fr8.t,1626986114.cds290.fr8.shn,1626986114.dop145.fr8.t,1626986114.cds267.fr8.c

Redirect headers

content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
cache-control: no-cache

GET
H2

200

usersync Show response
rtb.gumgum.com/ Frame 7394
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://rtb.gumgum.com/usersync?b=mmh&i=c0f260f9-d681-4f00-80e2-2355ed0e98c3&gdpr=1&gdpr_consent=

35 B
237 B

42ms
42ms

Document
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usersync?b=mmh&i=c0f260f9-d681-4f00-80e2-2355ed0e98c3&gdpr=1&gdpr_consent=
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method: GET
:authority: rtb.gumgum.com
:scheme: https
:path: /usersync?b=mmh&i=c0f260f9-d681-4f00-80e2-2355ed0e98c3&gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: vst=e_3c1cb202-dce1-4e65-bcd9-b084e3a76081
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *

Redirect headers

Date: Thu, 22 Jul 2021 20:35:14 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Server: MT3 3810 5cb7d7e master zrh-pixel-x28
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://rtb.gumgum.com/usersync?b=mmh&i=c0f260f9-d681-4f00-80e2-2355ed0e98c3&gdpr=1&gdpr_consent=
Expires: Thu, 22 Jul 2021 20:35:13 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1B78 281 B
554 B 22ms
20ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.newschannel5.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 22 Jul 2021 20:35:14 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

sync Show response
eb2.3lift.com/ Frame BE78
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

36ms
35ms

Document
text/html

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 8619f6475693ab45b894709a076961bc4924e78342f1bacd9a33c6fd2d4f3db8

Request headers

:method: GET
:authority: eb2.3lift.com
:scheme: https
:path: /sync?&ld=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tluid=8343693602673078447
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-type: text/html; charset=utf-8
content-length: 478
set-cookie: sync=CgoIgQIQ19q3_6wvCgoIkQIQ19q3_6wvCgoI4gEQ19q3_6wvCgoIkgIQ19q3_6wvCgoI5gEQ19q3_6wvCgoIhwIQ19q3_6wvCgkIOhDX2rf_rC8KCQgLENfat_-sLwoJCF8Q19q3_6wvCgkIHxDX2rf_rC8=; Max-Age=7776000; Expires=Wed, 20 Oct 2021 20:35:14 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=8343693602673078447; Max-Age=7776000; Expires=Wed, 20 Oct 2021 20:35:14 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0
set-cookie: tluid=8343693602673078447; Max-Age=7776000; Expires=Wed, 20 Oct 2021 20:35:14 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame AF44 542 B
652 B 27ms
26ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: ab2369e24b854e8f16e5733a3c40a8a31a72ad4f1904808a28dddfc6c96c838e

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.newschannel5.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=9a927551-6fe7-4748-9ebc-d6d4cfc80857|1626986113; pd=v2|1626986113|gekin0vNiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.newschannel5.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=9a927551-6fe7-4748-9ebc-d6d4cfc80857|1626986113; Version=1; Expires=Fri, 22-Jul-2022 20:35:14 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1626986113.1|kiiygevNgun0.gqsLommOnsgi; Version=1; Expires=Fri, 06-Aug-2021 20:35:14 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.211.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 22 Jul 2021 20:35:14 GMT
content-type: text/html
content-length: 340
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1

200

4.gif
id5-sync.com/c/441/19/6/
Redirect Chain

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/441/9/1.gif?puid=0&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5u-gp1nljdBe3lTFt6eScr1pc_FYb_qQnsBOQg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO5u-gp1nljdBe3lTFt6eScr1pc_FYb_qQnsBOQg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fp...
https://id5-sync.com/cq/441/124/8/2.gif?puid=dd47e952-99e4-4202-a062-2a40b3bf7282&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEJ3xITscgsGq_PeAbpoN38g&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=911211800664970267&opid=apx&ops=&utidl=tech:goo:CAESEJ3xITscgsGq_PeAbpoN38g&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aW...
https://id5-sync.com/qp/18.gif?puid=vec%3A19261398357&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/441/19/6/4.gif?puid=da65dced30afb5db3540881962de07ac&gdpr=1&gdpr_consent=

43 B
1 KB

465ms
464ms

Image
image/gif

51.89.21.10
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/441/19/6/4.gif?puid=da65dced30afb5db3540881962de07ac&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.10 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p24.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:11 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:26 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://id5-sync.com/c/441/19/6/4.gif?puid=da65dced30afb5db3540881962de07ac&gdpr=1&gdpr_consent=
cache-control: no-cache
x-server: 10.45.23.116
content-length: 0
expires: 0

GET
H2

200

usersync
rtb.gumgum.com/
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
https://rtb.gumgum.com/usersync?b=apn&i=911211800664970267

35 B
237 B

42ms
42ms

Image
image/gif

54.77.47.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.gumgum.com/usersync?b=apn&i=911211800664970267
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
content-type: image/gif;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 35
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2204b30e-d9c4-4564-b8d6-ce0d60462794
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://rtb.gumgum.com/usersync?b=apn&i=911211800664970267
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

dds
rtb.openx.net/sync/ Frame EAAA
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=lmjANG_mwZEiHlKLePYBEA==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
146 B

27ms
25ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 43
x-request-id: lrvhr883g1jatpgdiqhpppgggktu7g80

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ddf92c4c-56cc-eaf6-f5bd-08c954b8f6e3
pr-bh.ybp.yahoo.com/sync/openx/ Frame EAAA 43 B
88 B 44ms
41ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/ddf92c4c-56cc-eaf6-f5bd-08c954b8f6e3?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame EAAA
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=2QFvl9Sh1M6Fpw5

43 B
106 B

27ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=2QFvl9Sh1M6Fpw5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-01574fb08bde3815a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=2QFvl9Sh1M6Fpw5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame EAAA
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dopenx%26bsw_param%3D...
https://x.bidswitch.net/sync?dsp_id=354&user_id=75f85cf1a8554daa859c1ceffe05ce68&ssp=openx&bsw_param=7794e52c-90cd-45bb-81c4-ee1920df7bd6&gdpr=&consent=&gdpr_pd=
https://us-u.openx.net/w/1.0/sd?id=537072968&val=7794e52c-90cd-45bb-81c4-ee1920df7bd6

43 B
106 B

25ms
24ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=7794e52c-90cd-45bb-81c4-ee1920df7bd6
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:19 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=7794e52c-90cd-45bb-81c4-ee1920df7bd6
date: Thu, 22 Jul 2021 20:35:19 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame EAAA
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=911211800664970267

43 B
106 B

30ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=911211800664970267
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b03a2bee-5396-4253-8cf8-f27bf96b7abe
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=911211800664970267
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
match.prod.bidr.io/ Frame EAAA
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAEpU7B860AAF5j982Riw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1

43 B
430 B

43ms
39ms

Image
image/gif

52.17.245.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.245.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-245-120.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:452
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1B78 31 KB
10 KB 24ms
22ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0

Request headers

Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=85777
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Fri, 23 Jul 2021 20:24:51 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 471B 0
732 B 18ms
17ms Script
text/html 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1480be00-89e8-4a14-b814-639172cae0d2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

dds
rtb.openx.net/sync/ Frame AF44
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=lmjANG_mwZEiHlKLePYBEA==&ox_sc=1&ox_init=1
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
134 B

27ms
25ms

Image
image/gif

35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 43
x-request-id: 2v2a22aekk2qp307a3nj771l0bcsn5sc

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ddf92c4c-56cc-eaf6-f5bd-08c954b8f6e3
pr-bh.ybp.yahoo.com/sync/openx/ Frame AF44 43 B
88 B 36ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/ddf92c4c-56cc-eaf6-f5bd-08c954b8f6e3?gdpr=1

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame AF44
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=2QFvl9Sh1M6Fpw5

43 B
106 B

24ms
24ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=2QFvl9Sh1M6Fpw5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
Server: PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-01574fb08bde3815a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=604800; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=2QFvl9Sh1M6Fpw5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame AF44
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dopenx%26expires%3D30%26user_group%3D%24%7B...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dopenx%26expires%3D30%26user_group%3D%24%7B...
https://x.bidswitch.net/sync?dsp_id=429&user_id=27bea86f-2ab1-51cb-8996-f688e96f200c&ssp=openx&expires=30&user_group=1
https://us-u.openx.net/w/1.0/sd?id=537072968&val=7794e52c-90cd-45bb-81c4-ee1920df7bd6

43 B
106 B

250ms
248ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=7794e52c-90cd-45bb-81c4-ee1920df7bd6
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:17 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=7794e52c-90cd-45bb-81c4-ee1920df7bd6
date: Thu, 22 Jul 2021 20:35:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame AF44
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=911211800664970267

43 B
106 B

26ms
25ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=911211800664970267
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.211.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
via: 1.1 google
server: OXGW/16.211.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 41c60e00-727b-418c-a087-c723bf0241dc
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=911211800664970267
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
match.prod.bidr.io/ Frame AF44
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAEpU7B860AAF5j982Riw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=1&ev=AAAEpU7B860AAF5j982Riw&pid=558502&do=add

43 B
430 B

38ms
37ms

Image
image/gif

52.17.245.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=1&ev=AAAEpU7B860AAF5j982Riw&pid=558502&do=add

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.245.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-245-120.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:15 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=1&ev=AAAEpU7B860AAF5j982Riw&pid=558502&do=add
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-589cbd599f-2lx2x
expires: -1

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FCF6 0
732 B 30ms
26ms Script
text/html 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fbbbf3fa-a1fa-42d7-af7a-b655907ff991
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

504
Gateway Time-out

occ
ups.analytics.yahoo.com/ups/56621/ Frame BF90
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP5165b390-eb2c-11eb-9e2a-06d1429e0b9a

0
0

12813ms
10027ms

Image
text/html

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP5165b390-eb2c-11eb-9e2a-06d1429e0b9a
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

location: https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP5165b390-eb2c-11eb-9e2a-06d1429e0b9a
date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame BF90
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YPnWgphzBhKbJOOvKG.B3QAA%261174

0
44 B

99ms
99ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YPnWgphzBhKbJOOvKG.B3QAA%261174
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YPnWgphzBhKbJOOvKG.B3QAA%261174
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Thu, 22 Jul 2021 20:35:14 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5AEF
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
554 B

22ms
21ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 22 Jul 2021 20:35:14 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date: Thu, 22 Jul 2021 20:35:14 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame ED01 14 KB
5 KB 51ms
40ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES; KADUSERCOOKIE=37634BDC-85F3-40B5-A55A-23702C5E64EF; chkChromeAb67Sec=1; DPSync3=1627516800%3A164%7C1626998400%3A174%7C1628121600%3A201_197; SyncRTB3=1627776000%3A63%7C1627344000%3A216%7C1628121600%3A21_178_99_233_22_55_165_176_7_48_8_54_166_5_3_104_56_13_71_57_220_231_189%7C1628208000%3A35%7C1627516800%3A38_223_2_15; PUBMDCID=3; KRTBCOOKIE_57=22776-911211800664970267; PugT=1626986114; KRTBCOOKIE_80=22987-CAESEOIxSE_MO0F6-n1eT04tLOU&KRTB&16514-CAESEOIxSE_MO0F6-n1eT04tLOU&KRTB&23025-CAESEOIxSE_MO0F6-n1eT04tLOU; SPugT=1626969881; KRTBCOOKIE_27=16735-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&KRTB&16736-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&KRTB&23019-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&KRTB&23114-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3; KRTBCOOKIE_377=6810-9f3a9903-3a62-4f51-b214-f743430ace4a&KRTB&22918-9f3a9903-3a62-4f51-b214-f743430ace4a&KRTB&23031-9f3a9903-3a62-4f51-b214-f743430ace4a; KRTBCOOKIE_107=1471-uid:2QFvl9Sh1M6Fpw5; KRTBCOOKIE_153=19420-UmMSqgBlTKJJMBWqADVZ9gVmR6JJZxKjBmP9xIAf&KRTB&22979-UmMSqgBlTKJJMBWqADVZ9gVmR6JJZxKjBmP9xIAf; KRTBCOOKIE_22=14911-3477478560383924954; KRTBCOOKIE_1074=22956-e_3c1cb202-dce1-4e65-bcd9-b084e3a76081; KRTBCOOKIE_218=22978-YPnWggADATn9YAAC&KRTB&23194-YPnWggADATn9YAAC&KRTB&23209-YPnWggADATn9YAAC&KRTB&23244-YPnWggADATn9YAAC; KRTBCOOKIE_391=22924-3748493476250715673&KRTB&23263-3748493476250715673; KRTBCOOKIE_860=16335-IWf420PTRdhrCzsTp7YIiE3zv_Q; KRTBCOOKIE_699=22727-AAAEpU7B860AAF5j982Riw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=52880
expires: Fri, 23 Jul 2021 11:16:34 GMT
date: Thu, 22 Jul 2021 20:35:14 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 9AD9 995 B
1 KB 27ms
22ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=911211800664970267
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 22 Jul 2021 20:35:14 GMT
Age: 6707453
X-Served-By: cache-lga21975-LGA, cache-fra19121-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 11367, 72366
X-Timer: S1626986114.478238,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame BF90
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=70e0c5c7-7fff-4b56-afe6-de292ab4f927

0
44 B

99ms
99ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=70e0c5c7-7fff-4b56-afe6-de292ab4f927
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=70e0c5c7-7fff-4b56-afe6-de292ab4f927
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: i8ugdugpccg3cpt4tq270eeav562q47i

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame BF90
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=911211800664970267

0
44 B

100ms
99ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=911211800664970267
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 26cd833d-ef6b-41fc-a7f0-3adac97a3139
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=911211800664970267
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame BF90
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=b56f2277d350a08c1b650f26

0
44 B

99ms
99ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=b56f2277d350a08c1b650f26
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0

Redirect headers

Date: Thu, 22 Jul 2021 20:35:14 GMT
Server: nginx
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=b56f2277d350a08c1b650f26
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame BF90 0
474 B 28ms
17ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=

Requested by

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 match
e.serverbid.com/udb/9969/ Frame BF90 0
44 B 109ms
99ms Image
text/plain 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.4761570075416721%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame BE78 70 B
264 B 36ms
36ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame BE78
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO2ORj6BAxENyQs4yTI67n4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

227ms
226ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO2ORj6BAxENyQs4yTI67n4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO2ORj6BAxENyQs4yTI67n4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame BE78
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODM0MzY5MzYwMjY3MzA3ODQ0Nw%3D%3D

170 B
188 B

32ms
31ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODM0MzY5MzYwMjY3MzA3ODQ0Nw%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODM0MzY5MzYwMjY3MzA3ODQ0Nw%3D%3D
date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 c.gif
c.bing.com/ Frame BE78 42 B
466 B 56ms
29ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=8343693602673078447&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
etag: "9d284f105d6fd71:0"
last-modified: Fri, 02 Jul 2021 16:12:32 GMT
x-msedge-ref: Ref A: FC63BE967A8C4EE681A4FA7EAA1D61E3 Ref B: FRAEDGE1213 Ref C: 2021-07-22T20:35:14Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame BE78
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/8343693602673078447?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-cZlG7NFE2oQXBLoP4WbPhYq97d550npRi21pHbR6eQ--~A&dongle=0883

37 B
352 B

226ms
225ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-cZlG7NFE2oQXBLoP4WbPhYq97d550npRi21pHbR6eQ--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Thu, 22 Jul 2021 20:35:14 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-cZlG7NFE2oQXBLoP4WbPhYq97d550npRi21pHbR6eQ--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame BE78
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=911211800664970267&dongle=4d58&gdpr=1&gdpr_consent=

37 B
352 B

224ms
223ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=911211800664970267&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 149e3231-a52b-41e3-87a4-91429ee6894f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=911211800664970267&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame BE78
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=8343693602673078447
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=8343693602673078447&dcc=t

0
0

219ms
108ms

Image
text/html

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=8343693602673078447&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JW97YNM1SCPPJ9DXA9D5
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=8343693602673078447&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame BE78
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

28ms
27ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame BE78 0
0 58ms
17ms Image
text/html 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=8343693602673078447
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame BE78 0
0 66ms
28ms Image
text/html 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=8343693602673078447
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 1683 70 B
264 B 42ms
36ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame 1683
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO2ORj6BAxENyQs4yTI67n4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

213ms
212ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO2ORj6BAxENyQs4yTI67n4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEO2ORj6BAxENyQs4yTI67n4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1683
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODM0MzY5MzYwMjY3MzA3ODQ0Nw%3D%3D

170 B
188 B

32ms
32ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODM0MzY5MzYwMjY3MzA3ODQ0Nw%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODM0MzY5MzYwMjY3MzA3ODQ0Nw%3D%3D
date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 c.gif
c.bing.com/ Frame 1683 42 B
248 B 50ms
29ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=8343693602673078447&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
etag: "9d284f105d6fd71:0"
last-modified: Fri, 02 Jul 2021 16:12:32 GMT
x-msedge-ref: Ref A: CCE09678A1534799B84999662E9BC171 Ref B: FRAEDGE1213 Ref C: 2021-07-22T20:35:14Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

xuid
eb2.3lift.com/ Frame 1683
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/8343693602673078447?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-cZlG7NFE2oQXBLoP4WbPhYq97d550npRi21pHbR6eQ--~A&dongle=0883

37 B
352 B

213ms
213ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-cZlG7NFE2oQXBLoP4WbPhYq97d550npRi21pHbR6eQ--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Thu, 22 Jul 2021 20:35:14 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-cZlG7NFE2oQXBLoP4WbPhYq97d550npRi21pHbR6eQ--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 1683
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
https://eb2.3lift.com/xuid?mid=3335&xuid=911211800664970267&dongle=4d58&gdpr=1&gdpr_consent=

37 B
352 B

453ms
453ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=911211800664970267&dongle=4d58&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:15 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fcc79a62-3560-4180-b4ef-5ebd1e4e3975
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eb2.3lift.com/xuid?mid=3335&xuid=911211800664970267&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 1683
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=8343693602673078447
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=8343693602673078447&dcc=t

0
0

224ms
114ms

Image
text/html

209.54.177.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=8343693602673078447&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:16 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: D0C08F7EH7EHE94H03KF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=8343693602673078447&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 1683
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

27ms
26ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 1683 0
0 993ms
24ms Image
text/html 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=8343693602673078447
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 400
Request failed due to privacy signals setuid
ib.adnxs.com/prebid/ Frame 1683 0
0 1023ms
19ms Image
text/html 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=8343693602673078447
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 80BA
Redirect Chain

https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=70e0c5c7-7fff-4b56-afe6-de292ab4f927

0
44 B

103ms
102ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=70e0c5c7-7fff-4b56-afe6-de292ab4f927
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:13 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=70e0c5c7-7fff-4b56-afe6-de292ab4f927
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 3f8qnvthe7abo5tqm3e1u8b68qa5iqug

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 80BA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=911211800664970267

0
44 B

100ms
99ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=911211800664970267
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:16 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:16 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e3cb9310-ba3e-4a2c-9e2b-52692e6eb3ae
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=911211800664970267
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

occ
ups.analytics.yahoo.com/ups/56621/ Frame 80BA
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP5165b390-eb2c-11eb-9e2a-06d1429e0b9a

0
0

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 80BA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YPnWgphzBhKbJOOvKG.B3QAA%261174

0
44 B

99ms
99ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YPnWgphzBhKbJOOvKG.B3QAA%261174
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YPnWgphzBhKbJOOvKG.B3QAA%261174
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 282
Expires: Thu, 22 Jul 2021 20:35:14 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/ Frame 80BA
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=b56f2277d350a08c1b650f26

0
44 B

103ms
102ms

Image
text/plain

134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=b56f2277d350a08c1b650f26
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0

Redirect headers

Date: Thu, 22 Jul 2021 20:35:14 GMT
Server: nginx
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=b56f2277d350a08c1b650f26
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 80BA 0
474 B 23ms
18ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=

Requested by

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 6FB3
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east

281 B
554 B

24ms
20ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 22 Jul 2021 20:35:14 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date: Thu, 22 Jul 2021 20:35:14 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C2D8 14 KB
5 KB 33ms
30ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: KCCH=YES; KADUSERCOOKIE=37634BDC-85F3-40B5-A55A-23702C5E64EF; chkChromeAb67Sec=1; DPSync3=1627516800%3A164%7C1626998400%3A174%7C1628121600%3A201_197; SyncRTB3=1627776000%3A63%7C1627344000%3A216%7C1628121600%3A21_178_99_233_22_55_165_176_7_48_8_54_166_5_3_104_56_13_71_57_220_231_189%7C1628208000%3A35%7C1627516800%3A38_223_2_15; PUBMDCID=3; KRTBCOOKIE_57=22776-911211800664970267; PugT=1626986114; KRTBCOOKIE_80=22987-CAESEOIxSE_MO0F6-n1eT04tLOU&KRTB&16514-CAESEOIxSE_MO0F6-n1eT04tLOU&KRTB&23025-CAESEOIxSE_MO0F6-n1eT04tLOU; SPugT=1626969881; KRTBCOOKIE_27=16735-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&KRTB&16736-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&KRTB&23019-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3&KRTB&23114-uid:c0f260f9-d681-4f00-80e2-2355ed0e98c3; KRTBCOOKIE_377=6810-9f3a9903-3a62-4f51-b214-f743430ace4a&KRTB&22918-9f3a9903-3a62-4f51-b214-f743430ace4a&KRTB&23031-9f3a9903-3a62-4f51-b214-f743430ace4a; KRTBCOOKIE_107=1471-uid:2QFvl9Sh1M6Fpw5; KRTBCOOKIE_153=19420-UmMSqgBlTKJJMBWqADVZ9gVmR6JJZxKjBmP9xIAf&KRTB&22979-UmMSqgBlTKJJMBWqADVZ9gVmR6JJZxKjBmP9xIAf; KRTBCOOKIE_22=14911-3477478560383924954; KRTBCOOKIE_1074=22956-e_3c1cb202-dce1-4e65-bcd9-b084e3a76081; KRTBCOOKIE_218=22978-YPnWggADATn9YAAC&KRTB&23194-YPnWggADATn9YAAC&KRTB&23209-YPnWggADATn9YAAC&KRTB&23244-YPnWggADATn9YAAC; KRTBCOOKIE_391=22924-3748493476250715673&KRTB&23263-3748493476250715673; KRTBCOOKIE_860=16335-IWf420PTRdhrCzsTp7YIiE3zv_Q; KRTBCOOKIE_699=22727-AAAEpU7B860AAF5j982Riw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=52880
expires: Fri, 23 Jul 2021 11:16:34 GMT
date: Thu, 22 Jul 2021 20:35:14 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 47E5 995 B
1 KB 33ms
23ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: uuid2=911211800664970267
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 22 Jul 2021 20:35:14 GMT
Age: 6707453
X-Served-By: cache-lga21975-LGA, cache-fra19121-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 11367, 72367
X-Timer: S1626986115.508124,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 match
e.serverbid.com/udb/9969/ Frame 80BA 0
44 B 104ms
100ms Image
text/plain 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.9858231505475663%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
Requested by: Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:14 GMT
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame 9AD9 0
732 B 181ms
24ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d4bce2c6-de0d-4899-8250-7caf33374e32
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5AEF 31 KB
10 KB 23ms
23ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=85777
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Fri, 23 Jul 2021 20:24:51 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 5AEF 284 B
536 B 33ms
33ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6FB3 31 KB
10 KB 23ms
23ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=85777
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9358
Expires: Fri, 23 Jul 2021 20:24:51 GMT

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame 47E5 0
732 B 149ms
24ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:14 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 4162210f-0bee-49e6-8989-0859f48d7cd6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 6FB3 284 B
536 B 39ms
39ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/jpg

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 29ms
29ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=ssp.wtvf&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-2RhMh0IJ33cxUahFibJNuf8fWh6NxOl9R0RB2436S0SxzRsAfXjmhYeX&sc=1&os=1-Pw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.newschannel5.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C11&zMoatpt=landing%2Cfalse&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.newschannel5.com%2F&id=1&ii=4&f=0&j=&t=1626986106486&de=935681096727&rx=130376518058&cu=1626986106486&m=8299&ar=29ad59d-clean&iw=738e604&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=16432&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1028%3A1028%3A3302%3A1049&as=1&ag=5187&an=1192&gi=1&gf=5187&gg=1192&ix=5187&ic=5187&ez=1&ck=1192&kw=1045&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5187&bx=1192&ci=1192&jz=1045&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5039&cd=1045&ah=5039&am=1045&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=193224&na=1934412673&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 22 Jul 2021 20:35:14 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 29ms
28ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=ssp.wtvf&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-2RhMh0IJ33cxUahFibJNuf8fWh6NxOl9R0RB2436S0SxzRsAfXjmhYeX&sc=1&os=1-Pw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.newschannel5.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C11&zMoatpt=landing%2Cfalse&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.newschannel5.com%2F&id=1&ii=4&f=0&j=&t=1626986106486&de=935681096727&rx=130376518058&cu=1626986106486&m=8500&ar=29ad59d-clean&iw=738e604&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=16432&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1028%3A1028%3A3302%3A1049&as=1&ag=5389&an=5187&gi=1&gf=5389&gg=5187&ix=5389&ic=5389&ez=1&ck=1192&kw=1045&aj=1&pg=100&pf=100&ib=1&cc=1&bw=5389&bx=5187&ci=1192&jz=1045&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5240&cd=5039&ah=5240&am=5039&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=193224&na=199230106&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 22 Jul 2021 20:35:14 GMT

GET
H2 200 ping.gif
stats-dev.brid.tv/ Frame 80BA 0
347 B 23ms
22ms Image
image/gif 13.224.193.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=13841&pr=p&b=c&pid=17750&s=450|250&os=l&m=0&apa=0&df=0&ow=14722&id=undefined&pub=p&e=vi&aid=0&par=i&pp=0&wp=0&at=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-116.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 03:24:34 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 142341
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: xq6qKY5zcjAGWGkFhwenQMNYuMbmdCSBiiyoI90h-t-RN9lkgpTqqQ==

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 471B 0
732 B 1162ms
18ms Script
text/html 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:16 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: df6ffc90-6c16-4691-95cf-a9474a54d7c3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FCF6 0
732 B 1161ms
43ms Script
text/html 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Jul 2021 20:35:16 GMT
X-Proxy-Origin: 77.243.191.244; 77.243.191.244; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2f43ab05-dbde-49e1-9fd7-27a02137cf3a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame D2F0 42 B
108 B 35ms
34ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8XDJf9b5YMv9NpvpgAeYlqvYBeeQ_INGAAAAEAEg0NnBNDgAWLDn4bWDBGC5-MeA3AGyARR3d3cubmV3c2NoYW5uZWw1LmNvbboBCzQ0NHgyNTBfeG1syAEF2gEdaHR0cHM6Ly93d3cubmV3c2NoYW5uZWw1LmNvbS_AAgLgAgDqAjkvMTMzODEwMDE2L1NjcmlwcHMvc2NyaXBwcy04NTgwLWNuc21ibC12aWRlby05NzB4MjUwLWRyLWT4AoLSHpADyAaYA-ADqAMB0ASQTuAEAdIFBhCovIWzFZAGAaAGI6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHAeAHH9IICQiA4YAQEAEYHdgIAoAKBZgLAdAVAYAXAQ&sigh=wyejRaoXBio&label=videoplaytime25&ad_mt=2750&acvw=sv%3D900%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D1598,420,1848,870%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2748%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D623%26pst%3D420%26dur%3D10051%26vmtime%3D2749%26dvs%3D0%26dfvs%3D0%26dvpt%3D2731%26is%3D18%26i0%3D18%26i1%3D18%26ic%3D0%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D301%26femvt%3D0%26emc%3D18%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D552910913%26psm%3D-2147483641%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626986115775%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1626986112120&sdkv=h.3.472.0&vci=CnMIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDQxODg5NjgyDDEzODM1NzAxMTM3NkCnAVIqCGMQDyUAAPBBKAE6C01WWmgyZmJMMnhvQgtnb29nbGV2aWRlb0i8B1AAGAE.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 0A37 0
260 B 1086ms
21ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156319&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 20:35:16 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame D2F0 42 B
64 B 35ms
34ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8XDJf9b5YMv9NpvpgAeYlqvYBeeQ_INGAAAAEAEg0NnBNDgAWLDn4bWDBGC5-MeA3AGyARR3d3cubmV3c2NoYW5uZWw1LmNvbboBCzQ0NHgyNTBfeG1syAEF2gEdaHR0cHM6Ly93d3cubmV3c2NoYW5uZWw1LmNvbS_AAgLgAgDqAjkvMTMzODEwMDE2L1NjcmlwcHMvc2NyaXBwcy04NTgwLWNuc21ibC12aWRlby05NzB4MjUwLWRyLWT4AoLSHpADyAaYA-ADqAMB0ASQTuAEAdIFBhCovIWzFZAGAaAGI6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHAeAHH9IICQiA4YAQEAEYHdgIAoAKBZgLAdAVAYAXAQ&sigh=wyejRaoXBio&label=videoplaytime50&ad_mt=5249&acvw=sv%3D900%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D1598,420,1848,870%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5246%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1227%26pst%3D420%26dur%3D10051%26vmtime%3D5248%26dvs%3D0%26dfvs%3D0%26dvpt%3D2498%26is%3D18%26i0%3D18%26i1%3D18%26i2%3D18%26ic%3D512%26cs%3D4626%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D301%26femvt%3D0%26emc%3D31%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D552910913%26psm%3D-2147483585%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626986118273%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1626986112120&sdkv=h.3.472.0&vci=CnMIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDQxODg5NjgyDDEzODM1NzAxMTM3NkCnAVIqCGMQDyUAAPBBKAE6C01WWmgyZmJMMnhvQgtnb29nbGV2aWRlb0i8B1AAGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 29ms
28ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&zMoatAdUnit1=ssp.wtvf&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2F247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-2RhMh0IJ33cxUahFibJNuf8fWh6NxOl9R0RB2436S0SxzRsAfXjmhYeX&sc=1&os=1-Pw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.newschannel5.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C11&zMoatpt=landing%2Cfalse&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.newschannel5.com%2F&id=1&ii=4&f=0&j=&t=1626986106486&de=935681096727&rx=130376518058&cu=1626986106486&m=13128&ar=29ad59d-clean&iw=738e604&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=16432&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1028%3A1028%3A3302%3A1049&as=1&ag=10016&an=5389&gi=1&gf=10016&gg=5389&ix=10016&ic=10016&ez=1&ck=1192&kw=1045&aj=1&pg=100&pf=100&ib=1&cc=1&bw=10016&bx=5389&ci=1192&jz=1045&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9869&cd=5240&ah=9869&am=5240&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=193224&na=458175689&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:19 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 22 Jul 2021 20:35:19 GMT

GET
H3-29 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame D2F0 42 B
64 B 34ms
34ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8XDJf9b5YMv9NpvpgAeYlqvYBeeQ_INGAAAAEAEg0NnBNDgAWLDn4bWDBGC5-MeA3AGyARR3d3cubmV3c2NoYW5uZWw1LmNvbboBCzQ0NHgyNTBfeG1syAEF2gEdaHR0cHM6Ly93d3cubmV3c2NoYW5uZWw1LmNvbS_AAgLgAgDqAjkvMTMzODEwMDE2L1NjcmlwcHMvc2NyaXBwcy04NTgwLWNuc21ibC12aWRlby05NzB4MjUwLWRyLWT4AoLSHpADyAaYA-ADqAMB0ASQTuAEAdIFBhCovIWzFZAGAaAGI6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHAeAHH9IICQiA4YAQEAEYHdgIAoAKBZgLAdAVAYAXAQ&sigh=wyejRaoXBio&label=videoplaytime75&ad_mt=7750&acvw=sv%3D900%26cb%3Dj%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D1598,420,1848,870%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7748%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1833%26pst%3D420%26dur%3D10051%26vmtime%3D7749%26dvs%3D0%26dfvs%3D0%26dvpt%3D2502%26is%3D18%26i0%3D18%26i1%3D18%26i2%3D18%26i3%3D18%26ic%3D0%26cs%3D4626%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D301%26femvt%3D0%26emc%3D43%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D552910913%26psm%3D-2147483393%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626986120775%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1626986112120&sdkv=h.3.472.0&vci=CnMIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDQxODg5NjgyDDEzODM1NzAxMTM3NkCnAVIqCGMQDyUAAPBBKAE6C01WWmgyZmJMMnhvQgtnb29nbGV2aWRlb0i8B1AAGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
pubads.g.doubleclick.net/pagead/interaction/ Frame D2F0 42 B
210 B 36ms
36ms Image
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/pagead/interaction/?ai=B8XDJf9b5YMv9NpvpgAeYlqvYBeeQ_INGAAAAEAEg0NnBNDgAWLDn4bWDBGC5-MeA3AGyARR3d3cubmV3c2NoYW5uZWw1LmNvbboBCzQ0NHgyNTBfeG1syAEF2gEdaHR0cHM6Ly93d3cubmV3c2NoYW5uZWw1LmNvbS_AAgLgAgDqAjkvMTMzODEwMDE2L1NjcmlwcHMvc2NyaXBwcy04NTgwLWNuc21ibC12aWRlby05NzB4MjUwLWRyLWT4AoLSHpADyAaYA-ADqAMB0ASQTuAEAdIFBhCovIWzFZAGAaAGI6gH7NUbqAfz0RuoB5bYG6gHqpuxAtgHAeAHH9IICQiA4YAQEAEYHdgIAoAKBZgLAdAVAYAXAQ&sigh=wyejRaoXBio&label=videoplaytime100&ad_mt=10052&acvw=sv%3D900%26cb%3Dj%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D1598,420,1848,870%26p0%3D1598,420,1848,870%26p1%3D1598,420,1848,870%26p2%3D1598,420,1848,870%26p3%3D1598,420,1848,870%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,0%26mtos2%3D0,0,0%26mtos3%3D0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D10269%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2489%26pst%3D420%26dur%3D10051%26vmtime%3D10051%26dvs%3D0%26dfvs%3D0%26dvpt%3D2521%26is%3D18%26i0%3D18%26i1%3D18%26i2%3D18%26i3%3D18%26ic%3D0%26cs%3D4626%26c%3D0%26c0%3D0%26c1%3D0%26c2%3D0%26c3%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D301%26femvt%3D0%26emc%3D56%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D552910913%26psm%3D-2147481601%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1626986123295%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0%26ss1%3D0%26ss2%3D0%26ss3%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1626986112120&sdkv=h.3.472.0&vci=CnMIARIec2VjdXJlcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDQxODg5NjgyDDEzODM1NzAxMTM3NkCnAVIqCGMQDyUAAPBBKAE6C01WWmgyZmJMMnhvQgtnb29nbGV2aWRlb0i8B1AAGAE.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping.gif
stats-dev.brid.tv/ Frame 80BA 0
347 B 24ms
24ms Image
image/gif 13.224.193.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=13841&pr=p&b=c&pid=17750&s=450|250&os=l&m=0&apa=0&df=0&ow=14722&id=undefined&pub=p&e=v&aid=0&par=i&pp=0&wp=0&at=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-116.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 03:24:34 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 142349
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: Heb6uTqcTekh03wpg5HZsXtPAE5pNxYs3myx2USev6BItBEQ4TTOyw==

GET
H/1.1 200
OK 400_hls_g3-blueberry.mov.m3u8 Show response
traileraddict-converted-assets.s3.amazonaws.com/g3-blueberry.mov/ Frame 80BA 213 B
731 B 759ms
128ms XHR
application/x-mpegurl 52.216.110.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://traileraddict-converted-assets.s3.amazonaws.com/g3-blueberry.mov/400_hls_g3-blueberry.mov.m3u8
Requested by: Host: p.brid.tv
URL: https://p.brid.tv/player/build/plugins/hls/1.0.16/brid.hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.110.155 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7781cd022eac1fd79c5beafdca03213f8b62e971528f30b53110b88f181cc30a

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:25 GMT
Last-Modified: Sun, 06 Dec 2020 19:14:45 GMT
Server: AmazonS3
x-amz-request-id: 9EGRN6B8KR8AEBH7
ETag: "f4eaab6dfe20112ebd5517ba9c0b608f"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 213
x-amz-id-2: bpfRBvpuUXrKMBU5cPQ3Ve8o1jQ4KUjILllmZOzhtXyCgMgNiz/ltP76r/iavlLntvkk8SUHnyk=

GET
H2 200 ping.gif
stats-dev.brid.tv/ Frame 80BA 0
347 B 22ms
20ms Image
image/gif 13.224.193.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=13841&pr=p&d=NaN&b=c&pid=17750&s=450|250&os=l&m=0&id=undefined&ow=14722&e=s
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-116.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Jul 2021 03:24:34 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
age: 142349
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: H_QSeAoR1iTZ0ZCvrI4ouBDwm6W6d0J2FgBOQkxxfRwj5VlGbNtAhg==

POST csi
csi.gstatic.com/ Frame D2F0 0
0

GET
H/1.1 200
OK 400_hls_g3-blueberry.mov00000.ts Show response
traileraddict-converted-assets.s3.amazonaws.com/g3-blueberry.mov/ Frame 80BA 455 KB
455 KB 113ms
112ms XHR
video/mp2t 52.216.110.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://traileraddict-converted-assets.s3.amazonaws.com/g3-blueberry.mov/400_hls_g3-blueberry.mov00000.ts
Requested by: Host: p.brid.tv
URL: https://p.brid.tv/player/build/plugins/hls/1.0.16/brid.hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.110.155 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 59c22bdd53f2052132d16d8407be18df867b0cb585191c1a8ec7edeb12e529f6

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:25 GMT
Last-Modified: Sun, 06 Dec 2020 19:14:45 GMT
Server: AmazonS3
x-amz-request-id: 9EGN091VFG3ZP8BA
ETag: "b1f87cbb6fad9ea68f674dd41c18c6af"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 465676
x-amz-id-2: w43TitZcqVxeXOp6EUbauGI3axc3hlxTbmOyEFj7NFO2AtIJCoZvw0nbf3VySvXa0WkoqXMb1K8=

GET
BLOB 200
OK 6e538b58-0154-4d2a-ab81-28e465c488d9
https://www.newschannel5.com/ Frame 80BA 85 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.newschannel5.com/6e538b58-0154-4d2a-ab81-28e465c488d9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5456947c1684c7f320bcbdcc87fb37ccffe8c0e3bf11df812017d8e3efde4b6e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 86740
Content-Type: text/javascript

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 28ms
28ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=3&hp=1&zMoatAdUnit1=ssp.wtvf&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=16&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-2RhMh0IJ33cxUahFibJNuf8fWh6NxOl9R0RB2436S0SxzRsAfXjmhYeX&sc=1&os=1-Pw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.newschannel5.com%2F&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C11&zMoatpt=landing%2Cfalse&g=7&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.newschannel5.com%2F&id=1&ii=4&f=0&j=&t=1626986106486&de=935681096727&rx=130376518058&cu=1626986106486&m=18178&ar=29ad59d-clean&iw=738e604&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=16432&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1028%3A1028%3A3302%3A1049&as=1&ag=15067&an=10016&gi=1&gf=15067&gg=10016&ix=15067&ic=15067&ez=1&ck=1192&kw=1045&aj=1&pg=100&pf=100&ib=1&cc=1&bw=15067&bx=10016&ci=1192&jz=1045&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14916&cd=9869&ah=14916&am=9869&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=193224&na=684456827&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Jul 2021 20:35:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 22 Jul 2021 20:35:24 GMT

GET
H/1.1 200
OK 400_hls_g3-blueberry.mov00001.ts Show response
traileraddict-converted-assets.s3.amazonaws.com/g3-blueberry.mov/ Frame 80BA 486 KB
487 KB 114ms
113ms XHR
video/mp2t 52.216.110.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://traileraddict-converted-assets.s3.amazonaws.com/g3-blueberry.mov/400_hls_g3-blueberry.mov00001.ts
Requested by: Host: p.brid.tv
URL: https://p.brid.tv/player/build/plugins/hls/1.0.16/brid.hls.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.110.155 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d001c97bfe76a9130aba268942620edc108c4ca005f3974062fe1c96f5e6ad07

Request headers

Referer: https://www.newschannel5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 20:35:25 GMT
Last-Modified: Sun, 06 Dec 2020 19:14:45 GMT
Server: AmazonS3
x-amz-request-id: 9EGNP3NNFN2DS7VY
ETag: "69bba2dd0cb1be0844f186178afc9d30"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 498012
x-amz-id-2: Njvz1OifdwwRk2nlcuBtof7ZDzpVJfQH588mL9JtQdydD+elE0Bjd2AzFUJL7Ox9dWCpEa8S+t4=

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tlx.3lift.com
URL: https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Fwww.newschannel5.com%2F&tmax=2000

Domain: tlx.3lift.com
URL: https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Fwww.newschannel5.com%2F&tmax=2000

Domain: prebid.digitru.st
URL: https://prebid.digitru.st/id/v1

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP5165b390-eb2c-11eb-9e2a-06d1429e0b9a

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP5165b390-eb2c-11eb-9e2a-06d1429e0b9a

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~krfdiv8g&c=8247036298247&slotId=4123518149123.5&qqid=CIu5hMrD9_ECFZs04AodGMsKWw&gqid=f9b5YLebNuaox_AP9J2JiAE&fb=ima_html5-lima&sdkv=h.3.472.0&ppt=brid-player&ppv=2.7.18&mrd=8&aab=1&itv=1&gpm_i=3&gpm_c=3&gpm_a=3&smb=250&br=99&mt=video%2Fmp4&vs=320x108&uet=2&met.4=err.krfdivi0&aec=202&rec=show_ad-1%7CloadedMetadata-1%7Cloaded-1%7Cimpression-1%7CcreativeView-1%7Cmeasurable_impression-1%7Cstart-1%7Cmute-1%7Cerror-1%7CfirstQuartile-1%7Cmidpoint-1%7CthirdQuartile-1%7Ccomplete-1

Verdicts & Comments Add Verdict or Comment

186 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.newschannel5.com/	1970-01-19 22:06:02	Name: _fbp Value: fb.1.1626986107744.2004242824

45 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 10) Message: we are running the javascript modules
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9) Message: inside showcaselist
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9) Message: undefined
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7) Message: starting the state machine
console-api	warning	URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js(Line 5) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	warning	URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js(Line 5) Message: fun-hooks: referenced 'adpod' but it was never created
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9) Message: returning data
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9) Message: returning data
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9) Message: returning data
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9) Message: returning data
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7) Message: [object Object]
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7) Message: the end of fetchschedules
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7) Message: STATE ISlive
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7) Message: WE ARE TOGGLING LIVE
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7) Message: TOGGLING ELEMENTS
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7) Message: TOGGLING ELEMENTS
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7) Message: REMOVING HIDDENhttps://www.newschannel5.com/live
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7) Message: REMOVING HIDDENhttps://www.newschannel5.com/live
console-api	log	URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7) Message: REMOVING HIDDENhttps://www.newschannel5.com/live
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1626986109195(Line 1) Message: not in breakout
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1626986109195(Line 1) Message: true
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1626986109195(Line 1) Message: true
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1626986109195(Line 1) Message: true
console-api	warning	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949(Line 5) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1626986109195(Line 1) Message: iframeLoaded called
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/unit.js?cb=1626986109195(Line 1) Message: iframeResized called
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949(Line 20) Message: loadTrack called
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949(Line 20) Message: bindbuttons called
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949(Line 20) Message: player ready
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949(Line 20) Message: bindPlayerMethods called
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949(Line 20) Message: mutechange event
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949(Line 20) Message: requestAd
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949(Line 20) Message: Video start
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949(Line 20) Message: adStart
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949(Line 20) Message: adEnd
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949(Line 20) Message: Video start
console-api	log	URL: https://yummy.consumable.com/8580/cnsmbl-video-970x250/widget/iframe.js?cb=1626986109949(Line 20) Message: Video start

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

247527568bf37754f9d3b2f79416d7f9.safeframe.googlesyndication.com
4394967.fls.doubleclick.net
753091575b14af33e0d324c1154665d7.safeframe.googlesyndication.com
a.tribalfusion.com
acdn.adnxs.com
ad.turn.com
ads.adaptv.advertising.com
ads.betweendigital.com
ads.pubmatic.com
ads.rubiconproject.com
adservice.google.be
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
api.ewscloud.com
api.pymx5.com
as-sec.casalemedia.com
assets.scrippsdigital.com
b1sync.zemanta.com
bh.contextweb.com
biddr.brealtime.com
c.amazon-adsystem.com
c.bing.com
c.brid.tv
c1.adform.net
c2shb.ssp.yahoo.com
cbsnews5.com
cdn.contentspread.net
cdn.parsely.com
cdn.traileraddict.com
cdn5.userzoom.com
clarium.global.ssl.fastly.net
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
cookie-matching.mediarithmics.com
csi.gstatic.com
d25dfknw9ghxs6.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
d65bbab191aba4fe3222b96830b5ac5a.safeframe.googlesyndication.com
dis.criteo.com
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
ewscripps-d.openx.net
ewscripps.brightspotcdn.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
gift-connect-d.openx.net
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90005.redintelligence.net
hb.emxdgt.com
hblg.media.net
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
includemodal.com
includemodal.global.ssl.fastly.net
inv-nets.admixer.net
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
mb.moatads.com
p.brid.tv
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
prebid.digitru.st
protected-by.clarium.io
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.moatads.com
px.owneriq.net
pymx5.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s3.amazonaws.com
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sejs.moatads.com
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
services.brid.tv
simage2.pubmatic.com
simage4.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.chartbeat.com
static.ewscloud.com
stats-dev.brid.tv
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.resetdigital.co
sync.serverbid.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
traileraddict-converted-assets.s3.amazonaws.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
use.typekit.net
v.traileraddict.com
vtrdn-wjdav.ads.tremorhub.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.newschannel5.com
x.bidswitch.net
yummy.consumable.com
z.moatads.com
csi.gstatic.com
prebid.digitru.st
tlx.3lift.com
ups.analytics.yahoo.com
104.109.78.125
104.111.242.53
104.17.119.107
13.224.193.116
13.224.193.15
13.224.193.19
13.224.193.4
13.224.193.67
13.226.132.202
13.226.145.101
13.226.145.126
13.226.145.44
13.226.147.71
13.248.242.197
134.209.131.220
138.201.63.165
142.250.184.194
142.250.74.194
146.0.227.107
151.101.13.108
151.101.13.194
151.101.14.49
159.253.128.183
167.172.1.14
169.197.150.8
173.231.180.197
178.162.133.149
178.162.133.150
178.250.0.163
18.134.72.135
18.157.108.214
18.159.8.206
18.185.190.29
18.185.206.154
18.194.193.174
18.195.54.133
18.196.230.57
185.29.132.241
185.33.223.178
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.64.190.81
185.94.180.123
198.148.27.139
2.18.233.180
2.18.234.21
2.18.235.40
2.18.235.93
2.19.35.65
2001:678:cb4:bbbb::11
204.2.255.233
205.185.216.10
209.197.3.16
209.54.177.54
213.19.147.45
213.19.162.51
216.52.2.39
216.58.212.166
23.111.200.118
2600:1f18:612b:4264:5c8e:cd57:8c3a:71f
2600:9000:20eb:e600:10:618e:d880:93a1
2600:9000:2182:1800:18:1fcd:34f:cdc1
2600:9000:2182:5e00:9:4c16:5180:21
2600:9000:2182:b400:6:44e3:f8c0:93a1
2600:9000:21f3:2c00:d:77c3:2dc0:21
2606:4700:20::ac43:453b
2606:4700:3031::ac43:d645
2606:4700::6812:c05
2607:f8b0:4006:81c::2003
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9a
2a00:1450:400c:c08::9b
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba2a
2a02:fa8:8806:13::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.120.211.246
3.126.56.137
3.21.254.38
34.205.3.24
34.253.111.115
34.96.74.203
35.157.246.167
35.227.203.93
35.227.252.103
35.244.159.8
35.244.174.68
37.157.4.28
37.252.172.249
38.27.122.101
44.230.85.241
45.35.192.162
51.75.15.61
51.89.21.10
52.17.245.120
52.216.110.155
52.217.42.174
52.22.60.34
52.45.185.178
52.57.10.248
52.57.110.162
54.144.144.142
54.226.209.67
54.77.47.243
64.202.112.63
66.155.71.150
67.202.110.24
69.173.144.138
76.223.111.18
78.46.23.46
88.99.65.215
91.228.74.134
0123fc63a38c97c7ed3d11a509baf6d913d6c0197d385a40c50a6b2b5e7cfb4a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
079271ba6a62f5adde2e814359030ba6294d0f0279a3a5c247212ba871a301ce
08165ff2eb18b34353a75c6981e3ad6b6aaced1ec8eb5374aa18ace520d5ed1f
08fcdd6f9b764f048f0e87f97e3d752ad6be37290960cd8982d023f258daf343
0aae9ffbfef06b0b5ef60ef6c0aebfceebb2e9f0deca58dcd9aacacda7e0d7fe
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0ff30c727916819b4af43b6496baea6d056c41930de5e4d845df18e74fcdec07
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130cd7fbc7a835ab8d1e683a108369534476bfc5c5b75cf93a3def2bce0f5812
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24
138ac841d8e56fe8eeca0f213f772a11af59f39a4e0837df13c90bc45eea8d8c
16bd8d6b119f00a645aa9f7a3be8c3da9a8aa7c9b7e9e7da557b551d8f5a73c2
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19a6284f20417638845a46083afd8726859a62e0571a49baf13563044d135bd6
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
1b21d7945f9a9e83d3218aa05a9a97c91d0db52e4682e6392dac56496134ce2d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ed11343d12c0970cdd50d56bd0826805603af5c08cabba4ac5b3603bc65b689
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
234d7d2f926536c1eebf578704318e5f217d5825319b3723735f0635397c1205
2418ec657ce8bb25dee8ddb0ac29cb2379a43b4f115b653ef974d3c9fc52e649
26ad0a9a591350ffe992b322697d12a35fa26186ed27b33d263fd26ceadac541
284fab6a2838aa49b6806fadf67d3e8e4f82b6b0f0d474363dfbf8e1a48f52b6
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
2baf631fc505ace0a43931c797734915f09aebca45f01a7b3308ec9f2a65a317
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1d714eb714b2bfa48502026802ccaa8c5a9c62817d716a4b30983db5a7341b
2f501f0dc7902362b7eadb932b3e02a67b2c37fee0b95dff75bb34f311ada35c
310254a1f7adc8c93a263552cf64f9edb0ee77e5cddd38e4af4deabafd3eb29e
319750c290d5565742c47c2da4ef48c023fda39365fc58dec2be293d1510c400
33a8442d58fe84873198b0e7d1ab67f7636191552c89f6a47c661bb809b384b1
369ee8b3a261b36bb923507fca5009e67175766b693c127ab8ef5ec91b79d317
371a0384ef81bdadb7bb5e8efbdc5df444b12f105b3c8ffe80dcfc7cf0bcfc2c
39e7bb2ec655cf9af41b609a7e243d518007ca533a7eca602f7a98c0c6e3695d
3b17c629474524ac98512b9840adadc7f725e65713252881805346e5d147d47a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43b570b2841b5a0e9a52c7dc9398810e603a9e5f7743c84302175dd2fdc83333
4752d0728e10f3272d2d5e2673558cadc5c24d8e39aa5d447aa37e1bb61c6789
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b5216fe1426bd23de932c0748a74a6354d48f2ab6d0eaba1057b8df68634c3
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53be3647fbf2ee02da05b009aa8c27abd53bae6d8e848937a7f185f36768eff1
53de68ab3d675630d6fef44e368929af5eaf38d4b891e58fbaa9d7e4bf2dfc8c
5456947c1684c7f320bcbdcc87fb37ccffe8c0e3bf11df812017d8e3efde4b6e
5515ea33e1936f6be7aedac81bdd492c5ddb5df0727a8458c06abd490d22e3c5
5709f4e8f843e20ef20be4549b11939e817de1dcad742f00cd44bf5ba5c37f77
57bebbafc95fac4106aa8b36167dfc9d0d3973d388e8ce0a3b1844557f9480a0
59c22bdd53f2052132d16d8407be18df867b0cb585191c1a8ec7edeb12e529f6
5a473f833b877f722001905b5b7ee44a58551e64d4e666ed56a992a80e9ddd41
5c2c05cdb42590baf236f817bf784791161a98d95a9ef74687a6f2e97e86b76b
5ceecb88cbd1389cb4db365f74b36b401f27e4add5a6cb256910b0d5c73c11a2
5d120e4c9518f2c174f25a66be07ad20486f24114fa06f88bb736db5519c9678
5f569d5f6bd30f67581525fd6144fdd59ecd2089ec76582703ef3cc889ffbab4
60e9531d515e4385dcefb45a61e2d80ea16e3a5a2364bacb3e21694d01edd310
614020acf792911197d7436ae21b8dc0e3004ebae8d8d43399eb8a9691986557
62965052035405846c2a82a5f9c8e662db24ff92100bad81ec4b82d5135a7a78
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
6322feb5482d67ef0fd9ee7b54d6352bdbc6b79524ba7f99b3a1fd939b893eee
636b336ce0c94e2a8dd05360505c234edbc07ea0b07fa48389b731f4bece9246
6415575c98dd2666397a8bea39eedb7381c364ca4c23228c9b18ea16ab3df75f
662512d97695dc3dc1af2eaa2bb5d7e9e62a012e4a07547af0e75efbe36fd61e
66d30e68cc22382ef9d4b9ad07d61a5a895bc04dbb61e45e2180c0b98aee7cb0
67a9f8b0b6c9bf12fcb9d798881cb32ea8fa972773e74858f8b8b8be28f07440
6897ad9adfe8ac5096b21c5d572770f0f97a1680f72aa6aee6b03c94fa063969
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ae402c31c8c5dcf96437e80ad658625258ddb8ba29f5b2bac0357eb65d1e349
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d879fd34eb2f1c8c217cc3071761b03536f399a39c3ffabbd2f0067fcdfcc93
7265b9247b2c56183309314ceaa246a37119c8fdd05ecac838f456c78685ace4
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7313b1057f6543d7eb7acaa080be92b436473884cc71a5b0bdf5ece0d5e0aa4d
735af02bdc21f0ad4af779f096620339dcbb295517a220b020ecde96dd187b04
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
752e3c3599ebb9cc2bf630faf9a60b49c8c773cf9a92bc5747fd2629f69bf8f3
75e1139bf3a7061e3a5f2ad865d65ae2503682db46671ad2f3cb94adaa4e3b7a
7614a5bfcdf62a6df3f66e16104af543749f263f4de8f24f533434f89b1b7be7
762250f67d265d4f2f81cbed449e9ab17feb463a17fde3415c2e5ac683c106ce
769249823d1ad5e73fc88c0f72ffc05b8605923e6b92b506bc40a71a198b80b6
76d342a328cf0b5359d3c610116a8d579dd778898d07def81853a4f1fee7dab4
76e5591612f2b00c68824472590a1101ed872ed70cf5a40e8c665dcc5a5abb22
7781cd022eac1fd79c5beafdca03213f8b62e971528f30b53110b88f181cc30a
77d61926f7acef295665e8bc3705000e21c1a4db847338f5969af47c37822bad
785feac29ca49a8578ef880c201e269990a0a95a9d4de72503191cba3694a0e3
792699a22b545ed6fee1296e49cbc61c59763853015130cd2fb1b03655529864
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a9c7947e8e97888530f5d8cc0e0cc78951b7b1b735f297c864af1cbd28d720f
7ba1eee9803f9929376700a8065001dbda71dc890a08e3d6b50c851de0e927ba
7ceaf650e16b7672a4c84739c4968ee98ae66bd8d708b860e97a987a91f755a4
8210683ac1f39229377e357b231a4f0ec747c231d3e89c680b78bdfba760ef32
82c9a9d618cff7524ed4bd447c2ab28e8135b770ee14267e4dc699d1c3a0d20a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8320844764f01f151531ead757465cd126f8f2796c7ea1618ea2849aca0466d0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8491e6705bdb33a52dce45f3e5299aab11aa555537f6a6e869e4a0bd9af3d7be
8619f6475693ab45b894709a076961bc4924e78342f1bacd9a33c6fd2d4f3db8
8628e447138b28448c4dc1dc3214d2ccb0a60df9e7b4690e7d74a3bc0184e6ba
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
88e071a02a5adf92b172da587c1d4469a2984108aa6d90ab042f2887859d053e
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8b65f8e738f34fb760c21a7cd10443086d65cf1e9ee7375792b3c3488191c20f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
92dc8adf2c9ff2f0a80481d2ecb1da693c0519cc6cc97d83edc4cfcc8104fc1c
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9382cfa06c30a554a7022d3eda7e2a299285c3d1ca983b50abb6f39d56fe9a63
9592b27c145acee477908583cbdf62f5ce13238a120afaec8e6632e4678baccd
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ae2862c982de5ca8aa7d0b97b493a0561b30a04a6d7ae249ae8f758e7453842
9c25c4e240bd28a308851f487711c88680072496bf9865fb73a258dff5ca3fd9
9d5ef4f9318af312d5c3c4ee1bb7a2f33fb9eb03f8cb2bf907aa53af76214f74
9e6d4fba5c1ec0fcb994635bf90528b8bc8f8e068bb5309532fefb10e6fc87b7
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1e999ac24b93c0839b437900983deeb5916ca65fefa3c7ea71f062cb3f9e3eb
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a438b3777b6690da042658ca73a55a9dcb8716eab2d5044fc64a3e3670658b05
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a59f78e89357c7acfe9855deb46bedf165376caac77b78c5fa2f5a8e542c8df1
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
a83de1970f1a75f0b62762e5e592c69c72f5fda330641689fa8fc9ae0594a6e7
a92bd36ff0fddfa04b7655e233a1bce7b1adef2fa50da6d1234c7440252ee0eb
aa7dbd87bf4ade8fb9668e96182ff4ec73ede1b439635f73d6a417c04a1d242d
ab2369e24b854e8f16e5733a3c40a8a31a72ad4f1904808a28dddfc6c96c838e
abbcea624e983f15d50f37217c40f6d4b7b049aee7122b572ef6d7e040286e8f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24a6646c4af9d56546f9934bae63024dbe4aaf8401caabb327cf20e640deab6
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b7fc9be9482dd28a187295048364890d118f5490653638735d190c27f98dfd9e
b8104cda342b58ad667f44ecd22591c316b4cb8293587a78184ea837813d7333
b8a9e67cd043aab0499b1f362f579213e8261f24c3c9988f014990734670818e
b95a070f7a633909b43da2132485e939ce33c032b3149a16afb48e55cee40693
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
beaee7e6acb9d4269bd59591d7c670cc889072684a1f64625f213c400817249d
befc03cec33e0f6c9233dc9c2284cec6da376b548ab30a9e291a12226c9135f4
c0ec451fa90f4cbc9fbfdc6ee48dfb958ba02efc94f0bd68315fe8dc72c44c58
c105e92e6d74d51c6452e1a43eebcfc303d88f98aed8c41c8c63b26f5793adca
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c46910f27aeefbc8a277380722a6aa2516ec14f470c22a5c948fbc532ece557c
c6020e69cb95aa6159412f88baf413f9b721c360573b5b3674a0497599604885
cb7927e7c49a221c2a3d65e082514bdb2dd16a1b19383863bf0f78e174b57e99
cde489cf1c7c60eaa7f52a198c1b13cd33471693178874e6414a3fbf010f2652
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
cec646637df8edec1d6470b1bda636d8a43102b1c4553c2270998aab34619f04
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d000d216982e32f55971d00660c4168ae0211bb471c80b6f3b2c17948351e93c
d001c97bfe76a9130aba268942620edc108c4ca005f3974062fe1c96f5e6ad07
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42
d6aa3fcf04d6a362c2a082cd482606251de0e0129861145fca91cbdd3121af86
db6cc9cee48f4e989dd47ad212dc7ce4f82ab2e9a4148a1904b319f7ed970ffc
dbca6f28cc533d925a273f298502b17ab2187177947d74fb9cc01d84cd40b067
dbe522e8a8682c9d419d4d1e0734e219f5b83c6d94b7446c0122700a0eb5a037
dbf97de499be855419e0f28c82080ec63a65b39c830bd4fcdbfdf7b3fc26051c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df89d2b959d80201c543061465ca8dffbda706565eb5770ec4838ce7dfcc9e59
e160fa87d6a461066b724fb344a26dddce1f71b15eac09bd7215c5e13e9386bb
e1dedd2c0389f21780e49142982aa787284c7f579e5ca61ea4874fb7d26cafa2
e3260df863f0b8885df2b94c3ff6c662c3cbfd738dbea29f20a438918e74bbcf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa
e51f4aacc34104f5bf1f91f22e82941c52604867525a876cd65eee2c8f8ecdd3
e75d314fab0c1fb09c90b1ee7051ca57bd554017c874d96d113356b28ba57928
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624
eaae522c9914afdd4acf0775faad7eae917ae494c5e46ee8f65ae0e8bc420171
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee2212c8d098822d233ef645b713c455e1ca16e44dace81f1b503e9505ec2b59
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09b1bc9b70cace8fa3d2a3413e01da4526576334e2ad091a0e792e6fbbd92f1
f0cb40e1da5643bd18eb070a1ff36a76b9c9bf6a451586d14b29fa731c9715a1
f1e6cd314f7edb3b841803f719b61b002fe565a65964efd702b420c67bc5fee0
f25c6bc5c52be9862b8206b499eacbcb0f8036d40b706e91140598e43b5250cc
f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb
f388451aa36c362ea03eec3287a0cedc0df4333c57e0d2bdf7e5f44443afdff8
f39f8396ce2befd5b38a6d3b917debc494178204effd7ec814d6299942ba3c80
f5f4489cc7fe9a140982b13ed7a8fe1989f010ffbcf5667d6295eefe10ac5eb1
f7e158e0c0be778d1ea45d3c416e12494fb13c085d93e855c8af4d35e65f1730
f94366efc6314725e16b4002b1e6903913b1f6d9f5757aec611205dcd0db3596
fa44b3d09e7435d220d6fa18cf71df0299635bc83efd752d5b5ac997ef283413
fd0e28f1e54476478bfd5cdf04451eee123d4accbeae7386fae4691acb7150a5
fe3597d387350d14a00ae2bc7f134cc74608b6c7823108217ca103ae6c555020
ff74753c4fc2b91dda33e4656268727e261ffe843483731e1dd652451f0657be

www.newschannel5.com Open in urlscan Pro 13.226.145.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

433 Requests

98 %HTTPS

27 %IPv6

94 Domains

154 Subdomains

112 IPs

11 Countries

6065 kBTransfer

13140 kBSize

1 Cookies

12 Outgoing links

Page URL History

Redirected requests

433 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newschannel5.com Open in urlscan Pro
13.226.145.126 Public Scan

Screenshot
Live screenshot

Full Image

433
Requests

98 %
HTTPS

27 %
IPv6

94
Domains

154
Subdomains

112
IPs

11
Countries

6065 kB
Transfer

13140 kB
Size

1
Cookies

433 HTTP transactions
6 data transactions