urlscan.io logo urlscan.io
SecurityTrails logo

crooksandliars.com Open in urlscan Pro
150.238.37.130  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.crooksandliars.com/
Effective URL: https://crooksandliars.com/
Submission: On March 21 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 127 IPs in 9 countries across 106 domains to perform 553 HTTP transactions. The main IP is 150.238.37.130, located in United States and belongs to SOFTLAYER, US. The main domain is crooksandliars.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 18th 2020. Valid for: a year.
This is the only time crooksandliars.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 40 150.238.37.130 36351 (SOFTLAYER)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2.16.107.56 20940 (AKAMAI-ASN1)
5 184.30.21.51 16625 (AKAMAI-AS)
24 2a00:1450:400... 15169 (GOOGLE)
1 54.197.97.75 14618 (AMAZON-AES)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f02... 32934 (FACEBOOK)
2 2606:2800:234... 15133 (EDGECAST)
3 35.201.84.252 15169 (GOOGLE)
4 35.190.74.49 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:218... 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.120.253.250 15169 (GOOGLE)
1 16 151.101.194.137 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.203.30.237 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
2 2.16.107.75 20940 (AKAMAI-ASN1)
4 52.0.218.160 14618 (AMAZON-AES)
1 2600:9000:218... 16509 (AMAZON-02)
4 151.101.13.194 54113 (FASTLY)
2 13.226.158.204 16509 (AMAZON-02)
5 142.250.185.98 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 3.141.58.182 16509 (AMAZON-02)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 7 2620:116:800d... 16509 (AMAZON-02)
9 151.139.128.11 20446 (HIGHWINDS3)
9 54.77.239.84 16509 (AMAZON-02)
2 172.67.38.97 13335 (CLOUDFLAR...)
6 44.237.126.120 16509 (AMAZON-02)
3 2600:9000:218... 16509 (AMAZON-02)
4 6 3.126.56.137 16509 (AMAZON-02)
1 52.13.149.62 16509 (AMAZON-02)
1 9 34.98.64.218 15169 (GOOGLE)
1 18.196.104.43 ()
1 213.19.162.41 ()
1 216.52.2.48 ()
3 52.22.61.253 14618 (AMAZON-AES)
4 18.185.167.149 16509 (AMAZON-02)
1 213.19.147.210 ()
8 185.64.189.112 ()
5 17 185.33.221.89 ()
1 178.250.2.131 44788 (ASN-CRITE...)
5 25 184.30.20.241 ()
4 2620:1ec:46::19 ()
5 104.76.201.56 ()
1 2 184.25.115.49 ()
2 34.98.72.95 15169 (GOOGLE)
2 13.226.159.37 ()
1 13.226.159.129 ()
1 13.226.159.18 ()
1 2 52.142.114.2 ()
1 2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 104.244.42.8 ()
3 142.250.186.166 ()
42 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:218... 16509 (AMAZON-02)
2 34.95.69.49 15169 (GOOGLE)
6 54.244.32.41 16509 (AMAZON-02)
1 2600:9000:218... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.227.229.34 15169 (GOOGLE)
5 184.30.20.198 16625 (AKAMAI-AS)
19 34.95.65.255 15169 (GOOGLE)
2 4 52.8.50.232 16509 (AMAZON-02)
9 9 52.29.191.126 16509 (AMAZON-02)
4 8 2a00:1288:110... 34010 (YAHOO-IRD)
18 54.148.227.155 16509 (AMAZON-02)
4 23.37.38.181 16625 (AKAMAI-AS)
4 52.59.160.25 16509 (AMAZON-02)
4 185.94.180.124 35220 (SPOTX-AMS)
3 185.64.189.115 62713 (AS-PUBMATIC)
1 213.155.156.182 1299 (TELIANET ...)
1 178.250.2.151 44788 (ASN-CRITE...)
4 5 54.228.192.197 16509 (AMAZON-02)
13 33 142.250.185.162 15169 (GOOGLE)
1 185.86.137.131 201081 (SMARTADSE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 23 185.64.190.80 62713 (AS-PUBMATIC)
1 1 87.98.252.5 16276 (OVH)
1 63.251.232.170 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 2 199.232.137.44 54113 (FASTLY)
1 2 35.227.248.159 15169 (GOOGLE)
6 6 3.125.99.7 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 2 159.253.128.183 36351 (SOFTLAYER)
7 12 52.214.43.215 16509 (AMAZON-02)
4 5 37.157.6.253 198622 (ADFORM)
5 5 185.29.135.226 30419 (MEDIAMATH...)
2 2 54.87.192.123 14618 (AMAZON-AES)
2 185.64.189.114 62713 (AS-PUBMATIC)
5 5 151.101.114.49 54113 (FASTLY)
1 1 2001:678:cb4:... 56396 (TURN)
1 1 159.65.197.210 14061 (DIGITALOC...)
3 3 66.155.71.149 13768 (COGECO-PEER1)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.98.107.212 15169 (GOOGLE)
1 2 185.33.221.13 29990 (ASN-APPNEX)
1 1 63.33.123.138 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
25 2a00:1450:400... 15169 (GOOGLE)
3 142.250.186.162 15169 (GOOGLE)
2 2 35.190.0.66 15169 (GOOGLE)
3 8 3.122.89.158 16509 (AMAZON-02)
2 2 18.158.93.70 16509 (AMAZON-02)
5 10 69.173.144.139 26667 (RUBICONPR...)
5 5 213.19.147.151 26120 (RHYTHMONE)
2 185.64.190.81 62713 (AS-PUBMATIC)
4 5 18.197.47.23 16509 (AMAZON-02)
1 184.30.20.185 16625 (AKAMAI-AS)
1 104.16.190.66 13335 (CLOUDFLAR...)
1 104.17.120.107 13335 (CLOUDFLAR...)
2 4 72.21.206.140 16509 (AMAZON-02)
1 1 52.45.55.28 14618 (AMAZON-AES)
1 52.57.135.36 16509 (AMAZON-02)
4 104.108.50.124 16625 (AKAMAI-AS)
1 1 13.226.159.116 16509 (AMAZON-02)
1 38.27.122.126 174 (COGENT-174)
1 2 146.59.148.16 16276 (OVH)
2 2 54.78.254.47 16509 (AMAZON-02)
1 1 34.192.170.233 14618 (AMAZON-AES)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
1 1 50.31.142.63 23352 (SERVERCEN...)
1 2600:9000:218... 16509 (AMAZON-02)
1 3.217.41.235 14618 (AMAZON-AES)
2 2 35.210.53.219 19527 (GOOGLE-2)
1 1 23.37.42.132 16625 (AKAMAI-AS)
5 52.22.134.82 14618 (AMAZON-AES)
1 1 88.214.206.142 46636 (NATCOWEB)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 142.250.185.130 15169 (GOOGLE)
553 127
40    150.238.37.130 (United States)

ASN36351 (SOFTLAYER, US)
PTR: sam.crooksandliars.com
www.crooksandliars.com
crooksandliars.com
blueamerica.crooksandliars.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
5    2.16.107.56 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-56.deploy.static.akamaitechnologies.com
cdn.avantisvideo.com
5    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
s8t.teads.tv
sync.teads.tv
24    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    54.197.97.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-97-75.compute-1.amazonaws.com
static.newsmaxfeednetwork.com
1    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
3    35.201.84.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.84.201.35.bc.googleusercontent.com
soapps.net
4    35.190.74.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.74.190.35.bc.googleusercontent.com
glisteningguide.com
2    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:9000:2182:9200:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
3    2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
eb.proper.io
1    34.120.253.250 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
16    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
vid.connatix.com
img.connatix.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.203.30.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
www.zergnet.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a02:26f0:6c00::210:ba40 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
static.avantisvideo.com
5    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2.16.107.75 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn1.avantisvideo.com
4    52.0.218.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
geoip.insticator.com
b2c.insticator.com
event.insticator.com
1    2600:9000:2182:c00:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
4    151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
2    13.226.158.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-204.dus51.r.cloudfront.net
c.amazon-adsystem.com
5    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
partner.googleadservices.com
securepubads.g.doubleclick.net
5    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
9    3.141.58.182 (Columbus, United States)

ASN16509 (AMAZON-02, US)
capi.connatix.com
4    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
7    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
9    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
assets.newsmaxwidget.com
images.newsmaxwidget.com
9    54.77.239.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-239-84.eu-west-1.compute.amazonaws.com
trends.newsmaxwidget.com
2    172.67.38.97 (United States)

ASN13335 (CLOUDFLARENET, US)
secure.statcounter.com
c.statcounter.com
6    44.237.126.120 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-126-120.us-west-2.compute.amazonaws.com
avm.avantisvideo.com
3    2600:9000:2182:1c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
6    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    52.13.149.62 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-13-149-62.us-west-2.compute.amazonaws.com
usync.proper.io
9    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
propermedia-d.openx.net
eu-u.openx.net
us-u.openx.net
1    18.196.104.43 (Frankfurt am Main, Germany)

ASN- ()
hb.emxdgt.com
1    213.19.162.41 (United Kingdom)

ASN- ()
fastlane.rubiconproject.com
1    216.52.2.48 (United States)

ASN- ()
ap.lijit.com
3    52.22.61.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
4    18.185.167.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
btlr.sharethrough.com
1    213.19.147.210 (United Kingdom)

ASN- ()
tag.1rx.io
8    185.64.189.112 (United Kingdom)

ASN- ()
hbopenbid.pubmatic.com
17    185.33.221.89 (Amsterdam, Netherlands)

ASN- ()
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
25    184.30.20.241 (Frankfurt am Main, Germany)

ASN- ()
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
js-sec.indexww.com
4    2620:1ec:46::19 (United States)

ASN- ()
www.clarity.ms
5    104.76.201.56 (Frankfurt am Main, Germany)

ASN- ()
PTR: a104-76-201-56.deploy.static.akamaitechnologies.com
t.teads.tv
2    184.25.115.49 (Frankfurt am Main, Germany)

ASN- ()
PTR: a184-25-115-49.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
2    34.98.72.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
2    13.226.159.37 (United States)

ASN- ()
PTR: server-13-226-159-37.dus51.r.cloudfront.net
img5.zergnet.com
1    13.226.159.129 (United States)

ASN- ()
PTR: server-13-226-159-129.dus51.r.cloudfront.net
img2.zergnet.com
1    13.226.159.18 (United States)

ASN- ()
PTR: server-13-226-159-18.dus51.r.cloudfront.net
img4.zergnet.com
2    52.142.114.2 (Dublin, Ireland)

ASN- ()
c.clarity.ms
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    104.244.42.8 (United States)

ASN- ()
syndication.twitter.com
3    142.250.186.166 (United States)

ASN- ()
PTR: fra24s08-in-f6.1e100.net
ad.doubleclick.net
42    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
1    2600:9000:2182:e200:19:f03c:7200:21 (United States)

ASN16509 (AMAZON-02, US)
d1bvk193qme2fc.cloudfront.net
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
i.clean.gg
6    54.244.32.41 (Boardman, United States)

ASN16509 (AMAZON-02, US)
events.avantisvideo.com
1    2600:9000:2182:1000:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    35.227.229.34 (Kansas City, United States)

ASN15169 (GOOGLE, US)
api.bounceexchange.com
5    184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com
ads.pubmatic.com
19    34.95.65.255 (Kansas City, United States)

ASN15169 (GOOGLE, US)
events.bouncex.net
4    52.8.50.232 (San Jose, United States)

ASN16509 (AMAZON-02, US)
ssp.behave.com
9    52.29.191.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
8    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
18    54.148.227.155 (Boardman, United States)

ASN16509 (AMAZON-02, US)
rtb.avantisvideo.com
4    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
4    52.59.160.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.adaptv.advertising.com
4    185.94.180.124 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
3    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    213.155.156.182 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    54.228.192.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
33    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
1    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dsp.adfarm1.adition.com
23    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    87.98.252.5 (France)

ASN16276 (OVH, FR)
green.erne.co
1    63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    2606:4700:3039::6815:c02a (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
6    3.125.99.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
12    52.214.43.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
5    37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    185.29.135.226 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    54.87.192.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
5    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
3    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2a02:fa8:8806:13::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
2    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    63.33.123.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
5    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
25    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.travelaudience.com
8    3.122.89.158 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
2    18.158.93.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
10    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
5    213.19.147.151 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
5    18.197.47.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
1    184.30.20.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-185.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.districtm.io
1    104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
4    72.21.206.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com
s.amazon-adsystem.com
1    52.45.55.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
beacon.lynx.cognitivlabs.com
1    52.57.135.36 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pre.ads.justpremium.com
4    104.108.50.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    13.226.159.116 (United States)

ASN16509 (AMAZON-02, US)
ib.3lift.com
1    38.27.122.126 (United States)

ASN174 (COGENT-174, US)
match.bnmla.com
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
pixel.onaudience.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
loada.exelator.com
1    34.192.170.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    50.31.142.63 (United States)

ASN23352 (SERVERCENTRAL, US)
b1sync.zemanta.com
1    2600:9000:2182:1600:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
1    3.217.41.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.bfmio.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
pool.admedo.com
1    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
secure-assets.rubiconproject.com
5    52.22.134.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
usr.undertone.com
1    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
1    2606:4700:3034::6815:4466 (United States)

ASN13335 (CLOUDFLARENET, US)
images.getadmiral.com
4    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
70 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
ade.googlesyndication.com
507 KB
51 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
ad.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
215 KB
44 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
84 KB
40 crooksandliars.com
www.crooksandliars.com
crooksandliars.com
blueamerica.crooksandliars.com
638 KB
38 avantisvideo.com
cdn.avantisvideo.com
static.avantisvideo.com
cdn1.avantisvideo.com
avm.avantisvideo.com
events.avantisvideo.com
rtb.avantisvideo.com
172 KB
27 casalemedia.com
as-sec.casalemedia.com
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
23 KB
25 2mdn.net
s0.2mdn.net
399 KB
25 connatix.com
cd.connatix.com
cds.connatix.com
capi.connatix.com
vid.connatix.com
img.connatix.com
407 KB
20 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
20 KB
19 bouncex.net
events.bouncex.net
2 KB
18 newsmaxwidget.com
assets.newsmaxwidget.com
trends.newsmaxwidget.com
images.newsmaxwidget.com
183 KB
16 rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
secure-assets.rubiconproject.com
30 KB
15 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
8 KB
12 adsrvr.org
match.adsrvr.org
5 KB
10 teads.tv
a.teads.tv
s8t.teads.tv
t.teads.tv
sync.teads.tv
195 KB
9 3lift.com
eb2.3lift.com
ib.3lift.com
4 KB
9 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
2 KB
9 bidswitch.net
x.bidswitch.net
3 KB
9 openx.net
propermedia-d.openx.net
eu-u.openx.net
us-u.openx.net
2 KB
7 quantserve.com
secure.quantserve.com
pixel.quantserve.com
19 KB
7 google.com
www.google.com
adservice.google.com
2 KB
6 undertone.com
cdn.undertone.com
usr.undertone.com
3 KB
6 w55c.net
pm.w55c.net
5 KB
6 clarity.ms
www.clarity.ms
c.clarity.ms
22 KB
6 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
36 KB
6 zergnet.com
www.zergnet.com
img5.zergnet.com
img2.zergnet.com
img4.zergnet.com
75 KB
5 ampproject.org
cdn.ampproject.org
99 KB
5 everesttech.net
sync-tm.everesttech.net
1 KB
5 mathtag.com
sync.mathtag.com
3 KB
5 adform.net
c1.adform.net
2 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 google-analytics.com
www.google-analytics.com
19 KB
4 spotxchange.com
search.spotxchange.com
6 KB
4 behave.com
ssp.behave.com
2 KB
4 1rx.io
tag.1rx.io
sync.1rx.io
3 KB
4 sharethrough.com
btlr.sharethrough.com
461 B
4 googletagservices.com
www.googletagservices.com
119 KB
4 fastly.net
confiant-integrations.global.ssl.fastly.net
121 KB
4 insticator.com
geoip.insticator.com
b2c.insticator.com
event.insticator.com
3 KB
4 bounceexchange.com
tag.bounceexchange.com
assets.bounceexchange.com
api.bounceexchange.com
127 KB
4 proper.io
global.proper.io
usync.proper.io
bids.proper.io Failed
eb.proper.io
88 KB
4 cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
d1bvk193qme2fc.cloudfront.net
177 KB
4 glisteningguide.com
glisteningguide.com
53 KB
4 facebook.net
connect.facebook.net
155 KB
3 sitescout.com
pixel-sync.sitescout.com
1 KB
3 mantisadnetwork.com
mantodea.mantisadnetwork.com
ecs.mantisadnetwork.com
1 KB
3 quantcount.com
rules.quantcount.com
1 KB
3 soapps.net
soapps.net
17 KB
3 twitter.com
platform.twitter.com
syndication.twitter.com
133 KB
3 googletagmanager.com
www.googletagmanager.com
125 KB
2 admedo.com
pool.admedo.com
780 B
2 exelator.com
loada.exelator.com
2 KB
2 onaudience.com
pixel.onaudience.com
736 B
2 indexww.com
js-sec.indexww.com
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 travelaudience.com
ads.travelaudience.com
1 KB
2 stackadapt.com
sync.srv.stackadapt.com
869 B
2 simpli.fi
um.simpli.fi
1 KB
2 fiftyt.com
visitor.fiftyt.com
1000 B
2 semasio.net
uipglob.semasio.net
1 KB
2 tapad.com
pixel.tapad.com
615 B
2 taboola.com
trc.taboola.com
match.taboola.com
499 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 clean.gg
i.clean.gg
104 B
2 bing.com
c.bing.com
739 B
2 scorecardresearch.com
sb.scorecardresearch.com
1 KB
2 criteo.com
bidder.criteo.com
dis.criteo.com
474 B
2 statcounter.com
secure.statcounter.com
c.statcounter.com
13 KB
2 google.de
adservice.google.de
www.google.de
420 B
2 facebook.com
www.facebook.com
414 B
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
35 KB
1 getadmiral.com
images.getadmiral.com
10 KB
1 admanmedia.com
cs.admanmedia.com
413 B
1 bfmio.com
sync.bfmio.com
1 zemanta.com
b1sync.zemanta.com
301 B
1 rlcdn.com
id.rlcdn.com
1 ipredictive.com
sync.ipredictive.com
522 B
1 bnmla.com
match.bnmla.com
112 B
1 justpremium.com
pre.ads.justpremium.com
5 KB
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com
381 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 districtm.io
cdn.districtm.io
1 gumgum.com
rtb.gumgum.com
336 B
1 playground.xyz
ads.playground.xyz
485 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 turn.com
ad.turn.com
518 B
1 zeotap.com
mwzeom.zeotap.com
595 B
1 contextweb.com
bh.contextweb.com
461 B
1 ad4m.at
ad4m.at
1 KB
1 adgrx.com
cm.adgrx.com
408 B
1 erne.co
green.erne.co
326 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 smartadserver.com
rtb-csync.smartadserver.com
163 B
1 de17a.com
d5p.de17a.com
134 B
1 google.fr
adservice.google.fr
799 B
1 jwplayer.com
cdn.jwplayer.com
37 KB
1 lijit.com
ap.lijit.com
603 B
1 emxdgt.com
hb.emxdgt.com
310 B
1 googleadservices.com
partner.googleadservices.com
646 B
1 newsmaxfeednetwork.com
static.newsmaxfeednetwork.com
2 KB
1 onesignal.com
cdn.onesignal.com
3 KB
1 googleapis.com
fonts.googleapis.com
632 B
0 netmng.com Failed
google2waycm.netmng.com Failed
0 33across.com Failed
ssc.33across.com Failed
553 106
Domain Requested by
33 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
crooksandliars.com
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
eb2.3lift.com
eu-u.openx.net
30 crooksandliars.com crooksandliars.com
25 s0.2mdn.net crooksandliars.com
s0.2mdn.net
24 pagead2.googlesyndication.com crooksandliars.com
pagead2.googlesyndication.com
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
tpc.googlesyndication.com
21 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com confiant-integrations.global.ssl.fastly.net
crooksandliars.com
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
21 tpc.googlesyndication.com confiant-integrations.global.ssl.fastly.net
crooksandliars.com
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
19 events.bouncex.net crooksandliars.com
18 rtb.avantisvideo.com cdn.avantisvideo.com
crooksandliars.com
17 ib.adnxs.com 5 redirects global.proper.io
cdn1.avantisvideo.com
cdn.avantisvideo.com
eb2.3lift.com
16 simage2.pubmatic.com 1 redirects image6.pubmatic.com
ads.pubmatic.com
12 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
12 match.adsrvr.org 7 redirects 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
crooksandliars.com
eb2.3lift.com
eu-u.openx.net
12 img.connatix.com crooksandliars.com
9 x.bidswitch.net 9 redirects
9 trends.newsmaxwidget.com crooksandliars.com
assets.newsmaxwidget.com
d1bvk193qme2fc.cloudfront.net
9 capi.connatix.com cd.connatix.com
9 blueamerica.crooksandliars.com crooksandliars.com
blueamerica.crooksandliars.com
8 eb2.3lift.com 3 redirects confiant-integrations.global.ssl.fastly.net
eb2.3lift.com
8 pr-bh.ybp.yahoo.com 4 redirects ads.pubmatic.com
crooksandliars.com
ssum-sec.casalemedia.com
eu-u.openx.net
8 images.newsmaxwidget.com crooksandliars.com
8 as-sec.casalemedia.com global.proper.io
crooksandliars.com
8 hbopenbid.pubmatic.com global.proper.io
crooksandliars.com
7 image2.pubmatic.com 1 redirects image6.pubmatic.com
ads.pubmatic.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
crooksandliars.com
6 pixel.rubiconproject.com 1 redirects crooksandliars.com
cdn.undertone.com
eus.rubiconproject.com
6 pm.w55c.net 6 redirects
6 events.avantisvideo.com cdn.avantisvideo.com
6 ups.analytics.yahoo.com 4 redirects crooksandliars.com
6 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
5 usr.undertone.com cdn.undertone.com
5 pixel.advertising.com 4 redirects crooksandliars.com
5 cdn.ampproject.org d1bvk193qme2fc.cloudfront.net
5 sync-tm.everesttech.net 5 redirects
5 sync.mathtag.com 5 redirects
5 c1.adform.net 4 redirects image6.pubmatic.com
5 match.prod.bidr.io 4 redirects eu-u.openx.net
5 ads.pubmatic.com confiant-integrations.global.ssl.fastly.net
ads.pubmatic.com
5 t.teads.tv crooksandliars.com
5 pixel.quantserve.com 2 redirects crooksandliars.com
mantodea.mantisadnetwork.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
crooksandliars.com
5 www.google.com 2 redirects crooksandliars.com
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
5 cdn.avantisvideo.com crooksandliars.com
confiant-integrations.global.ssl.fastly.net
4 ade.googlesyndication.com crooksandliars.com
4 us-u.openx.net 1 redirects eu-u.openx.net
4 eu-u.openx.net confiant-integrations.global.ssl.fastly.net
eu-u.openx.net
4 token.rubiconproject.com 4 redirects
4 eus.rubiconproject.com confiant-integrations.global.ssl.fastly.net
eus.rubiconproject.com
cdn.undertone.com
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
eb2.3lift.com
4 search.spotxchange.com cdn1.avantisvideo.com
4 ads.adaptv.advertising.com cdn1.avantisvideo.com
4 htlb.casalemedia.com cdn1.avantisvideo.com
4 ssp.behave.com 2 redirects crooksandliars.com
4 www.clarity.ms crooksandliars.com
www.clarity.ms
4 btlr.sharethrough.com global.proper.io
4 securepubads.g.doubleclick.net global.proper.io
confiant-integrations.global.ssl.fastly.net
securepubads.g.doubleclick.net
crooksandliars.com
4 www.googletagservices.com pagead2.googlesyndication.com
d3lcz8vpax4lo2.cloudfront.net
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
4 confiant-integrations.global.ssl.fastly.net d3lcz8vpax4lo2.cloudfront.net
confiant-integrations.global.ssl.fastly.net
global.proper.io
4 glisteningguide.com crooksandliars.com
d1bvk193qme2fc.cloudfront.net
4 connect.facebook.net crooksandliars.com
connect.facebook.net
3 sync.1rx.io 3 redirects
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 googleads4.g.doubleclick.net crooksandliars.com
3 pixel-sync.sitescout.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 ad.doubleclick.net confiant-integrations.global.ssl.fastly.net
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
3 rules.quantcount.com secure.quantserve.com
3 soapps.net crooksandliars.com
soapps.net
3 www.googletagmanager.com crooksandliars.com
www.googletagmanager.com
2 pool.admedo.com 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 js-sec.indexww.com confiant-integrations.global.ssl.fastly.net
ssum-sec.casalemedia.com
2 simage4.pubmatic.com ads.pubmatic.com
2 sync.targeting.unrulymedia.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 ads.travelaudience.com 2 redirects
2 secure.adnxs.com 1 redirects acdn.adnxs.com
2 image4.pubmatic.com ads.pubmatic.com
2 sync.srv.stackadapt.com 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 pixel.tapad.com 1 redirects image6.pubmatic.com
2 event.insticator.com d3lcz8vpax4lo2.cloudfront.net
2 i.clean.gg d1bvk193qme2fc.cloudfront.net
2 sync.teads.tv confiant-integrations.global.ssl.fastly.net
2 c.bing.com 1 redirects eb2.3lift.com
2 c.clarity.ms 1 redirects crooksandliars.com
2 img5.zergnet.com crooksandliars.com
2 assets.bounceexchange.com tag.bounceexchange.com
confiant-integrations.global.ssl.fastly.net
2 sb.scorecardresearch.com 1 redirects crooksandliars.com
2 mantodea.mantisadnetwork.com global.proper.io
confiant-integrations.global.ssl.fastly.net
2 secure.quantserve.com global.proper.io
mantodea.mantisadnetwork.com
2 adservice.google.com pagead2.googlesyndication.com
confiant-integrations.global.ssl.fastly.net
2 c.amazon-adsystem.com d3lcz8vpax4lo2.cloudfront.net
c.amazon-adsystem.com
2 cdn1.avantisvideo.com cdn.avantisvideo.com
confiant-integrations.global.ssl.fastly.net
2 www.facebook.com crooksandliars.com
2 www.zergnet.com crooksandliars.com
www.zergnet.com
2 cds.connatix.com crooksandliars.com
cd.connatix.com
2 global.proper.io crooksandliars.com
global.proper.io
2 d3lcz8vpax4lo2.cloudfront.net crooksandliars.com
d3lcz8vpax4lo2.cloudfront.net
2 platform.twitter.com crooksandliars.com
confiant-integrations.global.ssl.fastly.net
2 a.teads.tv crooksandliars.com
s8t.teads.tv
1 images.getadmiral.com crooksandliars.com
1 cs.admanmedia.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 sync.bfmio.com confiant-integrations.global.ssl.fastly.net
1 cdn.undertone.com confiant-integrations.global.ssl.fastly.net
1 b1sync.zemanta.com 1 redirects
1 id.rlcdn.com crooksandliars.com
1 ads.yahoo.com crooksandliars.com
1 sync.ipredictive.com 1 redirects
1 match.bnmla.com image6.pubmatic.com
1 ib.3lift.com 1 redirects
1 pre.ads.justpremium.com confiant-integrations.global.ssl.fastly.net
1 beacon.lynx.cognitivlabs.com 1 redirects
1 ecs.mantisadnetwork.com mantodea.mantisadnetwork.com
1 biddr.brealtime.com confiant-integrations.global.ssl.fastly.net
1 cdn.districtm.io confiant-integrations.global.ssl.fastly.net
1 acdn.adnxs.com confiant-integrations.global.ssl.fastly.net
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 match.taboola.com image6.pubmatic.com
1 trc.taboola.com 1 redirects
1 bh.contextweb.com 1 redirects
1 ad4m.at image6.pubmatic.com
1 s.tribalfusion.com image6.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com image6.pubmatic.com
1 green.erne.co 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 rtb-csync.smartadserver.com image6.pubmatic.com
1 dis.criteo.com image6.pubmatic.com
1 d5p.de17a.com image6.pubmatic.com
1 api.bounceexchange.com confiant-integrations.global.ssl.fastly.net
1 adservice.google.fr confiant-integrations.global.ssl.fastly.net
1 cdn.jwplayer.com confiant-integrations.global.ssl.fastly.net
1 eb.proper.io global.proper.io
1 d1bvk193qme2fc.cloudfront.net confiant-integrations.global.ssl.fastly.net
1 vid.connatix.com cd.connatix.com
1 syndication.twitter.com platform.twitter.com
1 img4.zergnet.com crooksandliars.com
1 img2.zergnet.com crooksandliars.com
1 c.statcounter.com secure.statcounter.com
1 bidder.criteo.com global.proper.io
1 tag.1rx.io global.proper.io
1 ap.lijit.com global.proper.io
1 fastlane.rubiconproject.com global.proper.io
1 hb.emxdgt.com global.proper.io
1 propermedia-d.openx.net global.proper.io
1 usync.proper.io crooksandliars.com
1 secure.statcounter.com crooksandliars.com
1 assets.newsmaxwidget.com static.newsmaxfeednetwork.com
1 www.google.de crooksandliars.com
1 stats.g.doubleclick.net www.google-analytics.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net
1 b2c.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 geoip.insticator.com d3lcz8vpax4lo2.cloudfront.net
1 static.avantisvideo.com cdn.avantisvideo.com
1 s8t.teads.tv a.teads.tv
1 fonts.gstatic.com fonts.googleapis.com
1 cd.connatix.com 1 redirects
1 tag.bounceexchange.com crooksandliars.com
1 www.gstatic.com crooksandliars.com
1 static.newsmaxfeednetwork.com crooksandliars.com
1 cdn.onesignal.com crooksandliars.com
1 fonts.googleapis.com crooksandliars.com
1 www.crooksandliars.com 1 redirects
0 google2waycm.netmng.com Failed 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
0 ssc.33across.com Failed global.proper.io
0 bids.proper.io Failed global.proper.io
553 178
Subject Issuer Validity Valid
*.crooksandliars.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-18 -
2022-01-18		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
content.avantisvideo.com
R3		 2021-02-22 -
2021-05-23		 3 months crt.sh
teads.tv
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
newsmaxfeednetwork.com
Amazon		 2020-09-23 -
2021-10-23		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.soapps.net
Sectigo RSA Organization Validation Secure Server CA		 2020-01-21 -
2022-01-20		 2 years crt.sh
glisteningguide.com
R3		 2021-03-12 -
2021-06-10		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2020-07-03 -
2021-07-03		 a year crt.sh
tag.bounceexchange.com
R3		 2021-01-27 -
2021-04-27		 3 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2020-09-29 -
2021-10-19		 a year crt.sh
www.zergnet.com
Go Daddy Secure Certificate Authority - G2		 2019-05-24 -
2021-07-13		 2 years crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2020-08-24 -
2021-08-24		 a year crt.sh
*.freetls.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-21 -
2021-04-22		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
assets.newsmaxwidget.com
R3		 2021-03-09 -
2021-06-07		 3 months crt.sh
newsmaxwidget.com
Amazon		 2020-09-21 -
2021-10-21		 a year crt.sh
us-dallas.statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-13 -
2021-11-13		 a year crt.sh
*.avantisvideo.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2020-12-20 -
2022-01-20		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.emxdgt.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2020-11-13 -
2021-12-12		 a year crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
www.clarity.ms
DigiCert SHA2 Secure Server CA		 2020-09-03 -
2021-09-03		 a year crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1		 2020-07-17 -
2021-06-02		 a year crt.sh
assets.bounceexchange.com
GTS CA 1D2		 2021-02-19 -
2021-05-20		 3 months crt.sh
*.zergnet.com
Amazon		 2020-04-26 -
2021-05-26		 a year crt.sh
c.msn.com
Microsoft RSA TLS CA 02		 2021-02-03 -
2022-02-03		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-30 -
2021-11-29		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
i.clean.gg
GTS CA 1D2		 2021-02-18 -
2021-05-19		 3 months crt.sh
images.crserving.com
R3		 2021-03-18 -
2021-06-16		 3 months crt.sh
jwplayer.com
Amazon		 2021-01-29 -
2022-02-26		 a year crt.sh
*.google.fr
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
api.bounceexchange.com
GTS CA 1D2		 2021-02-21 -
2021-05-22		 3 months crt.sh
events.bouncex.net
GTS CA 1D2		 2021-02-10 -
2021-05-11		 3 months crt.sh
ssp.behave.com
Sectigo RSA Domain Validation Secure Server CA		 2021-01-27 -
2022-02-22		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-12-26 -
2021-06-22		 6 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2020-11-25 -
2021-12-25		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-24 -
2021-04-20		 6 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2020-07-01 -
2021-07-01		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
tracking.justpremium.com
Amazon		 2021-03-01 -
2022-03-30		 a year crt.sh
*.3lift.com
Amazon		 2020-07-04 -
2021-08-05		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.onaudience.com
Certyfikat SSL		 2020-05-28 -
2021-05-28		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-02-28 -
2021-04-13		 a month crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-01-19 -
2021-07-19		 6 months crt.sh
*.undertone.com
Amazon		 2020-12-11 -
2022-01-09		 a year crt.sh
*.bfmio.com
Amazon		 2020-06-14 -
2021-07-14		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
*.k8s-cluster-p-us-east-1.ramp-ut.io
Amazon		 2020-11-18 -
2021-12-18		 a year crt.sh
getadmiral.com
Cloudflare Inc ECC CA-3		 2020-06-13 -
2021-06-13		 a year crt.sh

This page contains 59 frames:

Primary Page: https://crooksandliars.com/
Frame ID: 14C46655A2299B58B8EDAFC24F5E7034
Requests: 266 HTTP requests in this frame

Frame: https://cds.connatix.com/p/108993/connatix.playspace.dc.js
Frame ID: A4A2F12379968738BBDC3916FCCB6A4C
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Frame ID: D6826DEAB02B3140991017F92CD2FE03
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 6E1FA03E2469C348A2F9552B4CBE4237
Requests: 2 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 3E3446311330BF28A82AEC299184B7D7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6512936480753445&output=html&adk=1812271804&adf=3025194257&lmt=1616328003&plaf=1%3A1&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&plach=6916694011%2C%2B%2C%2B%2C%2B%2C%2B&format=0x0&url=https%3A%2F%2Fcrooksandliars.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616328117862&bpp=13&bdt=594&idt=240&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7948317617749&frm=20&pv=2&ga_vid=652369582.1616328118&ga_sid=1616328118&ga_hid=1393776533&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737458%2C31060049%2C44739387&oid=3&pvsid=380682836778858&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=268
Frame ID: AD99434B2E3225931F21DD6E224190E3
Requests: 1 HTTP requests in this frame

Frame: https://blueamerica.crooksandliars.com//widgets/latest/?num=5
Frame ID: EF3F5A0B9B91747E9D3BBEF33024A183
Requests: 8 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fcrooksandliars.com
Frame ID: AD9F15742F107A57258C61EEF161E0A3
Requests: 2 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=30901&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=faf879aa-25b1-4b69-a6ff-2433732ced77&vid=a6629ca970293d075507061dccc72c047e77af28&1616328118717
Frame ID: 0DF2A65151E4127CDFCE96365D1D28A6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 729A1EE211C9C9DD475932C4AC86A9B7
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: C3F37D633D174AE405595E4206E3CA3A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: 4DB0AE58C393F90E1242DF3FC2569683
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D69DB27103904C231357374C31C2264D
Requests: 25 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: D055D21C944C3C7E2DED4E5C2153E4B4
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 0BE19B622A4FEAAF3A112F92219D6685
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir
Frame ID: 7E77556E7851765135CFB27D97811807
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6942076479455230101
Frame ID: 097761183A8F986772C028EA0A86272D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=bTfb4Xlw43QOm26Fr7DOWghy
Frame ID: 9484B8067DB999AC9BBFD97FB25C2171
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: DC97599ACB2F187169EB91692A8F4E15
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 5ABC3D66357393B93582EFDB6E2DDED9
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: D7215122BD3FD347A850A923DD582C96
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Dsv3KQzQNlpw&pid=557219
Frame ID: 1812ECCA5AB775A91B6ECA3481EEAE65
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8be6dc4c-5243-43aa-afa9-8ce0b1dabb17-tuct750bb38&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 9FBD3CA0174536600ABE886401BE1D48
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: EACD829EDEA76BA465160B4BA17CCDB0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:acwKyzfL1LnWMp5&gdpr=0&gdpr_consent=
Frame ID: E047EAB70B5F9AB195015D62837B2B71
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/042101130138000/amp4ads-v0.mjs
Frame ID: 7D0406C13BAD49C51850083600F7F6BA
Requests: 16 HTTP requests in this frame

Frame: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 400CDF4DA67F1732D490623A81DF266D
Requests: 17 HTTP requests in this frame

Frame: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: FE9CB3D840DC0D798FC56E62056B6ED7
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhj3p8qeATAB&v=APEucNUEZ1gImDICKlSHxQxOht2JlQ38RCPQ1lCCEdrG4QdDgKkNKQkOt7DIp-Dagjrye0gFxDGUA3jmAuJaRZ-DSPruUkwY6QAkhEU9Qo-T6z-BgzAuxjS9lOj-ii-ukeUXp4rJMKpoC4CrVZTatUQngc87krRKwlHWwO-gH0yE5qdVBbCBIZEIOoL-NfN_es038ovJHTujR-yveTQxoTKc7V6_ZscSzw
Frame ID: 5F3543800088741C8C72A8268BAFA4F6
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhjspMqeATAB&v=APEucNVsiMACyMq3f3dXKMKuOQiBR18peJ_mjqvS7Bzt2UUENAtxsJ8SPos5X1TLKcu5Q1-TLVm10kbyqeLrJz8YHMBbTHK87sUqpmt0olRK3bKUeDIByPztdI51MEokWPyrOf43Un5Jb1o6TPjDi2BNHvIcvCdEiQI_Y7WJjSRqEh97uf_FgZbpM-etdeFzT9bfhjgjKN_VXBJAvK6qtuBsRgTec4wKYw
Frame ID: 58317B6F08AAF138918ED54E32D46CD5
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 59053B0D34181EB829F07F80E2C5039B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 69C095E39DA9BBFC191B62432947EFDA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BC5247291AC307F66597F7A7B3AF7672
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 645263C7E5D281934826C08878A0FD21
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7E0DBA4308BA65C698D0E8D73B15448F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B59C13832FA46EBF3893410B918BEB1D
Requests: 3 HTTP requests in this frame

Frame: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/style.css
Frame ID: C6306DD0264536DFE44F849C7B1DE6D1
Requests: 20 HTTP requests in this frame

Frame: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Frame ID: 8B7D383D7FCC3B35F9E10AC807AB2D35
Requests: 21 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 22592FA42076911FB7947BC3B34CB811
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 167A5038513A562451946AD383CC4C70
Requests: 1 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-60&buster=1616328118238&secure=true&version=9&mobile=false&title=Progressive%20news%20and%20media%20coverage%20on%20Crooks%20and%20Liars&url=https%3A%2F%2Fcrooksandliars.com%2F
Frame ID: 53727228AD3EB6EC3A1137D776EF42FC
Requests: 5 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: F239BFA0260B463E1D1BC0983EBB3D6B
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 8E36F6B2C4C699487D6624D85E7C4034
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5A1D0FB9A0453B68824F1873885B07B4
Requests: 10 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=agdgaz1616328118342
Frame ID: 8AFEB70335D663BC870DDB97F1BD5413
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D914B6ADD83E365F721D33024128913F
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5627B423F559D787C6714A087A74C945
Requests: 10 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A12%7D
Frame ID: 066CC29C5CC7BF246B0354E9DFE4E8DF
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: CA34D2D37D4D1D283C12FEEBB5E7C459
Requests: 11 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A
Frame ID: 7034EEF2A9906B78AD41659BB346159F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003
Frame ID: 24492E336C75DD11E8FD74C153C0F6E8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2D8478E4886047FCA0545C18CD6A46FF
Frame ID: 210862B59DAFE374214FE9EABEAF3B96
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: C70B558FC23C0DED5F44F2911423E788
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: B40D342F507E37409117A9B9E4D27521
Requests: 7 HTTP requests in this frame

Frame: https://sync.bfmio.com/sync_iframe?ifg=1&id=&gdpr=0&gc=&gce=1&us_privacy=1---
Frame ID: F13FEB3846BCA4A430C15C752CC58ABF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 27B03F78C379A426364E6A7D5E1A5F06
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Frame ID: EE9A7343BE151826C20C60FA4AC65A47
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 5A5DFBDE5BB939422CD7CE7A28CA7822
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 552EBE6A677BD1E4F01EFC4B6DC32AAC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.crooksandliars.com/ HTTP 302
    https://crooksandliars.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

553
Requests

98 %
HTTPS

28 %
IPv6

106
Domains

178
Subdomains

127
IPs

9
Countries

4384 kB
Transfer

11465 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.crooksandliars.com/ HTTP 302
    https://crooksandliars.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://www.google.com/jsapi HTTP 301
  • https://www.gstatic.com/charts/loader.js
Request Chain 46
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/108993/connatix.playspace.dc.js
Request Chain 90
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_76f22ac1_d47332f1_1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_76f22ac1_d47332f1_1&verify=true HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-K0gTRzxE2uH.o7Tl_RfMiTcOmD285_I1~A
Request Chain 124
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1616328118474&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=44557933&cs_ucfr= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1616328118474&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=44557933&cs_ucfr=&cs_ak_ss=1
Request Chain 142
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=7657B3D6D7854B9A80E47EE26F7A4250&RedC=c.clarity.ms&MXFR=323953F848556EE8175C43F94C5560BE HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=7657B3D6D7854B9A80E47EE26F7A4250&MUID=24B64136B3D360652FE15137B2B86119
Request Chain 210
  • https://ssp.behave.com/push_sync HTTP 302
  • https://ssp.behave.com/ul_cb/push_sync HTTP 302
  • https://x.bidswitch.net/sync?ssp=bouncex HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=bouncex&ssp_user_id=c3ce442b-1b44-4174-b7a9-6d407f054e0d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=181398447&expires=5&ssp=bouncex HTTP 302
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=c3ce442b-1b44-4174-b7a9-6d407f054e0d
Request Chain 224
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFaU4wN0FybXNBQUJCQW1kR3g5UQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir
Request Chain 225
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6942076479455230101
Request Chain 226
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=bTfb4Xlw43QOm26Fr7DOWghy
Request Chain 228
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 230
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Dsv3KQzQNlpw&pid=557219
Request Chain 231
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8be6dc4c-5243-43aa-afa9-8ce0b1dabb17-tuct750bb38&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 232
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 233
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:acwKyzfL1LnWMp5&gdpr=0&gdpr_consent=
Request Chain 234
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rd8ItpxNQ9e_mm8N_4mEmg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 236
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 237
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A&addseg=12,35,41
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QURERjA4QjYtOUM0RC00M0Q3LUJGOUEtNkYwREZGODk4NDlB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 239
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPCi-xcEQ6Bi0xiaXSDG9uE&google_cver=1
Request Chain 241
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2144b0f9-7384-4fe3-957b-c09e28dafef7
Request Chain 242
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4162373345338025050
Request Chain 243
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:99d46057-35b9-4200-a11f-847c226f05f9&gdpr=0&gdpr_consent=
Request Chain 244
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2417220075358525530&gdpr=0&gdpr_consent=
Request Chain 245
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=8ozwx93KQWBv0ujZVCpD59mKz5Q&user_group=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c3ce442b-1b44-4174-b7a9-6d407f054e0d&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 247
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-pZbynh5E2uXUtiQmGlmobzULgMdWjyg-~A&gdpr=0&gdpr_consent=
Request Chain 248
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4
Request Chain 249
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YFc1uwAAALEa_VLS HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFc1uwAAALEa_VLS&gdpr=0&gdpr_consent=&_test=YFc1uwAAALEa_VLS
Request Chain 250
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4154356464347799715&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 251
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3cd830ef-55c8-4d70-bde8-5281fd0e74a5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 252
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 254
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2417220075358525530
Request Chain 255
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_c7d34ffe-d990-480c-84c9-1e9018ccb095
Request Chain 276
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxb1zMmn4VTjXonpQPHXv4&google_cver=1
Request Chain 292
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YFc1uMvMMkzTuBl4pclu1AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxb1zMmn4VTjXonpQPHXv4&google_cver=1
Request Chain 297
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxb1zMmn4VTjXonpQPHXv4&google_cver=1
Request Chain 298
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YFc1uMvMMkzTuBl4pclu1AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxb1zMmn4VTjXonpQPHXv4&google_cver=1
Request Chain 332
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDbMejl8IZQ5G8YBB1orQbQ&google_cver=1&google_push=AQvitUIW30u48_omsQLGkwB3ztTXY_aGcNuyu3lCYgdZXf-b63WLIsJQty57-8Cjqy3hYLhgFG6JL2kFNecQfEtEkCUX7txhvg HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDbMejl8IZQ5G8YBB1orQbQ&google_cver=1&google_push=AQvitUIW30u48_omsQLGkwB3ztTXY_aGcNuyu3lCYgdZXf-b63WLIsJQty57-8Cjqy3hYLhgFG6JL2kFNecQfEtEkCUX7txhvg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YWN3S3l6ZkwxTG5XTXA1&google_gid=CAESEDbMejl8IZQ5G8YBB1orQbQ&google_cver=1&google_push=AQvitUIW30u48_omsQLGkwB3ztTXY_aGcNuyu3lCYgdZXf-b63WLIsJQty57-8Cjqy3hYLhgFG6JL2kFNecQfEtEkCUX7txhvg
Request Chain 333
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKnkpb6EDXAlOMTcvotdF8Q&google_cver=1&google_push=AQvitUKOJ7z8oCZiJsv9dWCTWJJn2MVAROdmZZr5AFTZ_Ptl3neKsSEAxVCIextN0mYPsTJQRqO4oTB2RY9myxYSmv9B7FaaqNM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKOJ7z8oCZiJsv9dWCTWJJn2MVAROdmZZr5AFTZ_Ptl3neKsSEAxVCIextN0mYPsTJQRqO4oTB2RY9myxYSmv9B7FaaqNM
Request Chain 334
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJcPYXOk_gGAeJOdONVZGmI&google_cver=1&google_push=AQvitUJRtXPZhscvT8arszzgd8CWqA5YA9beaQGh4VeGYOBT0ByzSSXjoVLSxVJeB0vtHHgg_DKS5A74--s5wZByXvZclV0nRbM HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QQBIYrJ-Tf26iJdhTVKEmg2&google_push=AQvitUJRtXPZhscvT8arszzgd8CWqA5YA9beaQGh4VeGYOBT0ByzSSXjoVLSxVJeB0vtHHgg_DKS5A74--s5wZByXvZclV0nRbM
Request Chain 335
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEB8egzizgm1S_BIljCG0ZQw&google_cver=1&google_push=AQvitUIrRmMClqyLBNJ8Ed2GLYL_mGx7B8jAIN2UZrNVWyrw8AUQcENOhLy-nAAclFr8NgGAVjNiRiwqOQxszQKjrn_BaX3C3xQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIrRmMClqyLBNJ8Ed2GLYL_mGx7B8jAIN2UZrNVWyrw8AUQcENOhLy-nAAclFr8NgGAVjNiRiwqOQxszQKjrn_BaX3C3xQ&google_hm=ODk2OTkxODAxNzg2NjI1MzUwMg%3D%3D
Request Chain 336
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOuojBYDzY2OUdTXdcN1Lh8&google_cver=1&google_push=AQvitUKI2s8RAQC_4GdHOCdTuVNFQ84zXiUDm4OKhv7TTsci0a3uZjT-H6gquN0CrzOWMJUjd8KE67KPnIGGbTSZ59BtXcWS8nA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFc1uMvMMkzTuBl4pclu1AAABIQAAAIB&google_gid=CAESEOuojBYDzY2OUdTXdcN1Lh8&google_cver=1&google_push=AQvitUKI2s8RAQC_4GdHOCdTuVNFQ84zXiUDm4OKhv7TTsci0a3uZjT-H6gquN0CrzOWMJUjd8KE67KPnIGGbTSZ59BtXcWS8nA
Request Chain 337
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKxM627bUhQk4cW5u3Mwcmw&google_cver=1&google_push=AQvitUKNZt063DQFexYMYQ6gNNJ42FADWx7-swFaJDVxA0sbmIaAvPEVH_qh_GCLa5yNh2kuegP_9g7lITpHHfF0c7HFwFg5og HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUKNZt063DQFexYMYQ6gNNJ42FADWx7-swFaJDVxA0sbmIaAvPEVH_qh_GCLa5yNh2kuegP_9g7lITpHHfF0c7HFwFg5og&google_gid=CAESEKxM627bUhQk4cW5u3Mwcmw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2Mzc3Njc4OTc0Mjk3NDkwMDQ%3D&google_push=AQvitUKNZt063DQFexYMYQ6gNNJ42FADWx7-swFaJDVxA0sbmIaAvPEVH_qh_GCLa5yNh2kuegP_9g7lITpHHfF0c7HFwFg5og
Request Chain 343
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKnkpb6EDXAlOMTcvotdF8Q&google_cver=1&google_push=AQvitUKBvi2r1TikAWOjYulJjGbw2ggsY1eJ_9TGX_iQFAeW4zuFeYkTx-zT1azgZaDJA1_ejarb97bor2X198Ci22yzZeVm7w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKBvi2r1TikAWOjYulJjGbw2ggsY1eJ_9TGX_iQFAeW4zuFeYkTx-zT1azgZaDJA1_ejarb97bor2X198Ci22yzZeVm7w
Request Chain 345
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJzu941s5EWVyFaLOa7PxHc&google_cver=1&google_push=AQvitUK6hUxY7rO8UN-OINm3YyQA19nid44giD20gC7XEE76tGJxnlHq8Ux5cr85pTafZKv8HFpTVzDiFmgYVROmm5ntxsaxM34 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUK6hUxY7rO8UN-OINm3YyQA19nid44giD20gC7XEE76tGJxnlHq8Ux5cr85pTafZKv8HFpTVzDiFmgYVROmm5ntxsaxM34&google_sc&google_hm=EBAQEA
Request Chain 346
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJcPYXOk_gGAeJOdONVZGmI&google_cver=1&google_push=AQvitUJalgPXCVFxoMgeJe1geE1TeTCJPWKPS_U4ObW0abXfdy9tHK7Ccqo8Op5klr3b7qGmQrDsGQzzgA24ojFe5fiax6w7lbA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NVAh1VqFQBudmRvT-CGnrQ2&google_push=AQvitUJalgPXCVFxoMgeJe1geE1TeTCJPWKPS_U4ObW0abXfdy9tHK7Ccqo8Op5klr3b7qGmQrDsGQzzgA24ojFe5fiax6w7lbA
Request Chain 347
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEL8RKoyyCEKuT3aHfWbJ14E&google_cver=1&google_push=AQvitUID8CawvHK9ZtGNaO-FXx5-JB7kEn244hwg0QF4Ojmtk3V3exyiiFAM-tmoQ7UIzd-zX-B_W3ARIGP6dQKYuuRBkWW75kA HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_user_id=c3ce442b-1b44-4174-b7a9-6d407f054e0d HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_user_id=c3ce442b-1b44-4174-b7a9-6d407f054e0d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=b459f23a-2f4d-4c84-b103-92f0f32d7314&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUID8CawvHK9ZtGNaO-FXx5-JB7kEn244hwg0QF4Ojmtk3V3exyiiFAM-tmoQ7UIzd-zX-B_W3ARIGP6dQKYuuRBkWW75kA&google_hm=w85EKxtEQXS3qW1AfwVODQ==
Request Chain 348
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBi2I82MHNAtj5ksTX5x5Nw&google_cver=1&google_push=AQvitUJp-1oeuN50HyDykUXJ-RKZdTJT4VXzgixqR_eWH3O92MzBgc4ryfjnX2HYLsmsUMXWYfMS2iLMalt5QH-5yG537OKuvbs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01KNDEyM1gtUi0xWE5E&google_push=AQvitUJp-1oeuN50HyDykUXJ-RKZdTJT4VXzgixqR_eWH3O92MzBgc4ryfjnX2HYLsmsUMXWYfMS2iLMalt5QH-5yG537OKuvbs
Request Chain 349
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEFadJV7d9TFEf5Di-3W1B5c&google_cver=1&google_push=AQvitUKPC5CmzfuyhYpYRstCzrVhFyu9gej4AGmXPEJeJ4cJdmHPR4JH57wYDzQHxTYdUNqx3lit8ElMrXi6qNCv6MLDAcofyvA HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitUKPC5CmzfuyhYpYRstCzrVhFyu9gej4AGmXPEJeJ4cJdmHPR4JH57wYDzQHxTYdUNqx3lit8ElMrXi6qNCv6MLDAcofyvA%26google_hm%3DA6Z18eUfsUUkiVnVqzvFaCs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUKPC5CmzfuyhYpYRstCzrVhFyu9gej4AGmXPEJeJ4cJdmHPR4JH57wYDzQHxTYdUNqx3lit8ElMrXi6qNCv6MLDAcofyvA&google_hm=A6Z18eUfsUUkiVnVqzvFaCs
Request Chain 386
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://pixel.advertising.com/ups/55953/sync?uid=2144b0f9-7384-4fe3-957b-c09e28dafef7&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=2144b0f9-7384-4fe3-957b-c09e28dafef7
Request Chain 388
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEPxKdKGWD4CUnqZekajQreU&google_cver=1 HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEPxKdKGWD4CUnqZekajQreU&google_cver=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPxKdKGWD4CUnqZekajQreU&google_cver=1&apid=UP3fc18f68-8a3d-11eb-a2a1-028ea906965a
Request Chain 389
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YFc1uwAAALpTPjoG HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YFc1uwAAALpTPjoG&_origin=0&gdpr=0&gdpr_consent=&_test=YFc1uwAAALpTPjoG HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YFc1uwAAALpTPjoG&_origin=0&gdpr=0&gdpr_consent=&_test=YFc1uwAAALpTPjoG&apid=UP3fc18f68-8a3d-11eb-a2a1-028ea906965a
Request Chain 397
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1 HTTP 302
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=2144b0f9-7384-4fe3-957b-c09e28dafef7
Request Chain 402
  • https://ib.adnxs.com/getuid?https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=$UID&suid=324217c6-f3e0-423a-94f7-66659c331ec1 HTTP 302
  • https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=2417220075358525530&suid=324217c6-f3e0-423a-94f7-66659c331ec1
Request Chain 405
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFc1uMvMMkzTuBl4pclu1AAABIQAAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEOuojBYDzY2OUdTXdcN1Lh8&google_cver=1
Request Chain 406
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFc1uMvMMkzTuBl4pclu1AAABIQAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFc1uMvMMkzTuBl4pclu1AAABIQAAAIB&dcc=t
Request Chain 409
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=acwKyzfL1LnWMp5&gdpr=1
Request Chain 410
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1618920124
Request Chain 411
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=8ozwx93KQWBv0ujZVCpD59mKz5Q
Request Chain 412
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=9307dc4f-9b23-4e16-bfa9-01bbb72589b6&expiration=1647864124
Request Chain 418
  • https://ib.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync
Request Chain 424
  • https://c1.adform.net/serving/cookie/match?party=14&cid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A
Request Chain 425
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5645210206 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/2144b0f9-7384-4fe3-957b-c09e28dafef7 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003
Request Chain 426
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2D8478E4886047FCA0545C18CD6A46FF
Request Chain 428
  • https://pixel.onaudience.com/?partner=214&mapped=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4495b17791225f79b85cf72f24a565af
Request Chain 429
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=333f6057-35b9-4900-ad7b-6e4be1ba412f
Request Chain 430
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4260f2e7-8a3d-11eb-b243-11bff608f02b&gdpr=0&gdpr_consent=
Request Chain 458
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFc1uwAAALEa_VLS
Request Chain 459
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMJ4123X-R-1XND&sigv=1&esig=2~bff700a5eff1a0b2fcd1fe693e6d339a684f0a16
Request Chain 460
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWJkOTllNTBlNGM2MGVmYzI3YzBiY2RmN2UwZGI1OWVjZThmMDA0OA
Request Chain 462
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/pRph-7tfcJucXpCBYRi4ww?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8969918017866253502
Request Chain 463
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01KNDEyM1gtUi0xWE5E
Request Chain 464
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJJDWX9iQ6hEV1pzyMYp11Y&google_cver=1
Request Chain 481
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFTjKcSMRgcJVBMzYAsOJi8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 482
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2Mzc3Njc4OTc0Mjk3NDkwMDQ%3D
Request Chain 484
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/13637767897429749004?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-OzH3O8dE2oTv6ySBoTFvQZ7WRzLaDUtymPG0RqPy7w--~A&dongle=0883
Request Chain 485
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2417220075358525530&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 486
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=13637767897429749004 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13637767897429749004&dcc=t
Request Chain 487
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 495
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=acwKyzfL1LnWMp5
Request Chain 496
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=c3ce442b-1b44-4174-b7a9-6d407f054e0d HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=c3ce442b-1b44-4174-b7a9-6d407f054e0d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=e7365d44-724c-4a56-aa5a-75473a343a2c&user_group=1&ssp=openx&bsw_param=c3ce442b-1b44-4174-b7a9-6d407f054e0d HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=c3ce442b-1b44-4174-b7a9-6d407f054e0d
Request Chain 497
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEiN07ArmsAABBAmdGx9Q&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Request Chain 498
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=333f6057-35b9-4900-ad7b-6e4be1ba412f
Request Chain 499
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=YRrppWQfvqR6H-j2b07x9mQe7vB6He6iYEtZ2zcQ
Request Chain 500
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4162373345338025050
Request Chain 503
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEENy0WjevipAcCXF385yM-g&google_cver=1
Request Chain 504
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 505
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2417220075358525530
Request Chain 506
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=fffc09b5-f26e-02c0-33f1-38ec1aea4c28
Request Chain 507
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3fc18f68-8a3d-11eb-a2a1-028ea906965a HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-YAtaKkpE2uEtYStK0NOjD_.Ir_.3vwTE~A~UP3fc18f68-8a3d-11eb-a2a1-028ea906965a
Request Chain 508
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=2144b0f9-7384-4fe3-957b-c09e28dafef7&ttl=1618920126
Request Chain 510
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=677e50c13082c85c1b426c153ed9828eee0460b2
Request Chain 541
  • https://ib.adnxs.com/getuid?https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=$UID&suid=b0af586d-81de-4a36-b523-804801c3316c HTTP 302
  • https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=1334090924265010990&suid=b0af586d-81de-4a36-b523-804801c3316c

553 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
crooksandliars.com/
Redirect Chain
  • https://www.crooksandliars.com/
  • https://crooksandliars.com/
63 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
c0c53aa097fc11943ee02bfc1c3330b3b729d84608d34dd8433ecf58a3ce691c

Request headers

Host
crooksandliars.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Sun, 21 Mar 2021 12:01:57 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS
Access-Control-Allow-Headers
token, Content-Type
Set-Cookie
cl_last_path=front; path=/
X-Drupal-Cache
HIT
Etag
"1616328003-1"
Cache-Control
public, max-age=0
Last-Modified
Sun, 21 Mar 2021 12:00:03 +0000
Expires
Sun, 11 Mar 1984 12:00:00 GMT
Vary
Cookie Accept-Encoding
Content-Encoding
gzip
Service-Worker-Allowed
/

Redirect headers

Server
nginx
Date
Sun, 21 Mar 2021 12:01:56 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://crooksandliars.com/
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS
Access-Control-Allow-Headers
token, Content-Type
Set-Cookie
cl_last_path=front; path=/
X-Drupal-Cache
HIT
Etag
"1616328037-1"
Cache-Control
public, max-age=0
Last-Modified
Sun, 21 Mar 2021 12:00:37 +0000
Expires
Sun, 11 Mar 1984 12:00:00 GMT
Vary
Cookie Accept-Encoding
Content-Encoding
gzip
Service-Worker-Allowed
/
css
fonts.googleapis.com/ 		2 KB
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
04f6abfdaebd7170b5c22848a8ab4f2a5e9fcd76276d5de379d5ab0f14645fb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 21 Mar 2021 10:37:25 GMT
server
ESF
date
Sun, 21 Mar 2021 12:01:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Mar 2021 12:01:57 GMT
admiral.js
crooksandliars.com/sites/all/modules/custom/admiral/static/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/modules/custom/admiral/static/js/admiral.js?1589420360
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
261f4292ef01c3dca7ceab13dfdec5c006c4690166ed36fa3d9965d863ebc531

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:57 GMT
Last-Modified
Thu, 14 May 2020 01:39:20 GMT
Server
nginx
ETag
"5ebca148-af3"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2803
Service-Worker-Allowed
/
Expires
Thu, 31 Dec 2037 23:55:55 GMT
dd_theme.regular.css
crooksandliars.com/sites/all/modules/custom/donation_drives/css/ 		202 B
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/modules/custom/donation_drives/css/dd_theme.regular.css?N
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
5094984b3a572003ae6efd05e94b4313419d918d25f67580b2d49b0b65a44586

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:57 GMT
Last-Modified
Sat, 29 Feb 2020 20:01:38 GMT
Server
nginx
ETag
"5e5ac322-ca"
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
202
Service-Worker-Allowed
/
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css_9f3c2221aadcda1fabc452f9c5811b68.css
crooksandliars.com/files/css/ 		284 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/files/css/css_9f3c2221aadcda1fabc452f9c5811b68.css
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
ad0b90ad7694b8d25d23dbb689bf96fd9a12a9ac6153b0ef83c292d45f9c8f6b

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:57 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Jan 2021 01:55:38 GMT
Server
nginx
ETag
W/"6000f61a-4703e"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Service-Worker-Allowed
/
Expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-2640119-1
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5577d87908fc15b3c7e5aa896b227ccb8a41541a438a8d0facda136b811c7f3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39128
x-xss-protection
0
expires
Sun, 21 Mar 2021 12:01:57 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:57 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
1904
etag
W/"29e3b92597e716694def18b1f85abbfb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6337074fba074ddc-FRA
cf-request-id
08f642e5cf00004ddcc51f2000000001
expires
Wed, 24 Mar 2021 12:01:57 GMT
video-loader.js
cdn.avantisvideo.com/avm/js/ 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=419955f2-1ca2-4dd8-a68e-332882485bbd&tagId=2&subId=&callback=
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.56 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-56.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1be60b5a71bfa25af7110940b8d511410b158a723d455f72dd7c4ad89b674d68

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
i9Wy1fiAICJwzzbqWhnMuMEeESYpQpqF
Content-Encoding
gzip
Last-Modified
Tue, 16 Mar 2021 11:55:25 GMT
Server
AmazonS3
x-amz-request-id
ETZ9JFJG3AS4BSF8
ETag
"75d58198b4bd6637fe901ffbb58c64bf"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Origin-Protocol
HTTP
Date
Sun, 21 Mar 2021 12:01:57 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
21168
x-amz-id-2
nZ2F/+3thfVQmpm8x85bKOnoHh9ojTcU3lHDui1QIS0lHV+q+EeG860LKSvDrJJ5fu0qeiMH2JY=
tag
a.teads.tv/page/101830/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/101830/tag
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c8248dfde9b3481f06d50cc97642f44db7604e93119b317ea35d1bb5d900c448

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:57 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
886
expires
Sun, 21 Mar 2021 13:01:57 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
839b41dd475d143b31c479aa6e666b8deb648b293ee93e67071222960f2b75cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49857
x-xss-protection
0
server
cafe
etag
11991498641368206346
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 12:01:57 GMT
dude_only.png
crooksandliars.com/sites/all/themes/cl_theme18/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme18/images/dude_only.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
9e9179c544e6f6675a4d39df7d77f2d57a39028f218c84246c369a686d5c1341

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Sat, 29 Feb 2020 20:01:38 GMT
Server
nginx
ETag
"5e5ac322-3151"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12625
Service-Worker-Allowed
/
Expires
Thu, 31 Dec 2037 23:55:55 GMT
site_name.png
crooksandliars.com/sites/all/themes/cl_theme18/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme18/images/site_name.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
036d3acbb3e39c869492f973fbf9aaf3131d43276eba81ae4f28f895ccd7a5b3

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Sat, 29 Feb 2020 20:01:38 GMT
Server
nginx
ETag
"5e5ac322-12b9"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4793
Service-Worker-Allowed
/
Expires
Thu, 31 Dec 2037 23:55:55 GMT
screen_shot_2021-03-20_at_1.49.01_pm.png
crooksandliars.com/files/imagecache/node_hot/primary_image/21/03/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_hot/primary_image/21/03/screen_shot_2021-03-20_at_1.49.01_pm.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
cce254c8ee31c9c159462bfb8ea4cf14da6c522ccca004a12adaeebd3d8e2568

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Sun, 21 Mar 2021 12:00:04 GMT
Server
nginx
ETag
"60573544-381e"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14366
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
44727.jpg
crooksandliars.com/files/imagecache/node_hot/embeds/2021/03/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_hot/embeds/2021/03/44727.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
02bfabe95cf42ad5b3945580cc578f85c01056d0a0e16628cb6e4476d9bd3a9b

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:57 GMT
Last-Modified
Sat, 20 Mar 2021 04:58:57 GMT
Server
nginx
ETag
"60558111-98c2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39106
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:57 GMT
vogel-and-maimone-3-1616183773_1.jpg
crooksandliars.com/files/imagecache/node_hot/primary_image/21/03/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_hot/primary_image/21/03/vogel-and-maimone-3-1616183773_1.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
767996c272e869f577a9f0706515a74089bed9863e9f0a58529303d57a55c94d

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Sun, 21 Mar 2021 01:30:05 GMT
Server
nginx
ETag
"6056a19d-9ed2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40658
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
1000x-1.jpg
crooksandliars.com/files/imagecache/node_hot/primary_image/21/03/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_hot/primary_image/21/03/1000x-1.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
b6217edd694c006c2b286c762cf1b9e8184b134c0e06cf6fbb4fc5daad9cab7e

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Sun, 21 Mar 2021 00:00:06 GMT
Server
nginx
ETag
"60568c86-6b50"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27472
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
47269.jpg
crooksandliars.com/files/imagecache/node_hot/mediaposters/2021/03/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_hot/mediaposters/2021/03/47269.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
a65f2d615afa144bc37870717e3c3054c84cbcb4d44682ed3d710134d3e15850

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Sat, 20 Mar 2021 22:31:05 GMT
Server
nginx
ETag
"605677a9-8edb"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36571
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
marc_siegel_031921.jpg
crooksandliars.com/files/imagecache/node_teaser/primary_image/21/03/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_teaser/primary_image/21/03/marc_siegel_031921.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
6260deb404a9c1bf06382fd64771ba9431395c0c51853ab82f84c21797b11d98

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Sat, 20 Mar 2021 17:23:50 GMT
Server
nginx
ETag
"60562fa6-3be3"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15331
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
join_or_die.jpg
crooksandliars.com/files/imagecache/node_teaser/primary_image/21/03/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_teaser/primary_image/21/03/join_or_die.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
7c305d8aa97f10c8701013e9ab04390f7e499fae24533ff4440c245507e33888

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Fri, 19 Mar 2021 21:17:45 GMT
Server
nginx
ETag
"605514f9-3500"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13568
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
msnbc-maria-hinojosa-032021.png
crooksandliars.com/files/imagecache/node_teaser/primary_image/21/03/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_teaser/primary_image/21/03/msnbc-maria-hinojosa-032021.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
069be4863b4b0b91ca87b34d915d1690fd727d28dc07716cef16832782358c6d

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Sat, 20 Mar 2021 14:23:30 GMT
Server
nginx
ETag
"60560562-3b89"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15241
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
trump-rioter-gets-divorce-felony-charges-assaulting-capitol.jpg
crooksandliars.com/files/imagecache/node_teaser/primary_image/21/03/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_teaser/primary_image/21/03/trump-rioter-gets-divorce-felony-charges-assaulting-capitol.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
8a0497244e3e9dbab0903339a7651b3805b2bef76f812b3a1444f773e3e436e6

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Fri, 19 Mar 2021 23:20:59 GMT
Server
nginx
ETag
"605531db-42f5"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17141
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
44725.jpg
crooksandliars.com/files/imagecache/node_teaser/embeds/2021/03/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_teaser/embeds/2021/03/44725.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
c72f900e7d117da069701bc938dc3c72f6406fccf79d4a8cfcc6c239e8cea977

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Sat, 20 Mar 2021 13:32:34 GMT
Server
nginx
ETag
"6055f972-3840"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14400
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
800.jpeg
crooksandliars.com/files/imagecache/node_teaser/primary_image/21/03/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_teaser/primary_image/21/03/800.jpeg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
631e430751c0f564d0f750d71c76d450fc31d8e9994cb6f5a077e65746061993

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Fri, 19 Mar 2021 23:27:12 GMT
Server
nginx
ETag
"60553350-42e2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17122
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
gettyimages-1283437084.jpg
crooksandliars.com/files/imagecache/node_teaser/primary_image/21/03/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_teaser/primary_image/21/03/gettyimages-1283437084.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
ab11582980d53ae863dde75d89faaa1121eafab0e2ca021961c7f1edb6bb4534

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Fri, 19 Mar 2021 22:38:08 GMT
Server
nginx
ETag
"605527d0-23f0"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9200
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
saturday_play_time.png
crooksandliars.com/files/imagecache/node_teaser/primary_image/17/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_teaser/primary_image/17/08/saturday_play_time.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
2bbe36941b65150eb34cea6566327c74802cf4c6770592ba0bb250e36f6f54be

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Thu, 20 Jun 2019 20:24:25 GMT
Server
nginx
ETag
"5d0beb79-2047"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8263
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
dreamhelper_anim.jpg
crooksandliars.com/files/imagecache/node_teaser/primary_image/21/03/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_teaser/primary_image/21/03/dreamhelper_anim.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
218e015f40ed1518e21e7256b12087e2852c2deed5d8a9f956457cef4de1e775

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Thu, 18 Mar 2021 19:47:36 GMT
Server
nginx
ETag
"6053ae58-347d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13437
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
sean-benesh-ykdlez0qlji-unsplash.jpg
crooksandliars.com/files/imagecache/node_teaser/primary_image/21/03/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_teaser/primary_image/21/03/sean-benesh-ykdlez0qlji-unsplash.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
f8b4d53edcfea934eb1a122e3906f3ba07785e680b542922629dfe4300c1732e

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Fri, 19 Mar 2021 16:56:17 GMT
Server
nginx
ETag
"6054d7b1-22d3"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8915
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
bootloader.js
static.newsmaxfeednetwork.com/web-clients/bootloaders/TdUGmQOcTfm6Or8W2H9nVT/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.newsmaxfeednetwork.com/web-clients/bootloaders/TdUGmQOcTfm6Or8W2H9nVT/bootloader.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.97.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-97-75.compute-1.amazonaws.com
Software
/ Express
Resource Hash
2e2f8485434c1dc7ba8426b78bcdcce5d13462028693bc1b749957ef88909763

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
cache-control
public, max-age=300
x-powered-by
Express
etag
W/"58e-rpAHw0NpBBZ2yx67ykqppRQRbos"
content-length
1422
content-type
text/javascript; charset=utf-8
screen_shot_2021-03-20_at_1.49.01_pm.png
crooksandliars.com/files/imagecache/node_horizontal/primary_image/21/03/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_horizontal/primary_image/21/03/screen_shot_2021-03-20_at_1.49.01_pm.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
7368f08017265b81c952de306512f79bdac018b2d28d1ac8f0daf4796ee31b05

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Sat, 20 Mar 2021 17:54:07 GMT
Server
nginx
ETag
"605636bf-b6c"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2924
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
47271.jpg
crooksandliars.com/files/imagecache/node_horizontal/mediaposters/2021/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_horizontal/mediaposters/2021/03/47271.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
7e094b98f2648cb47e6b8837c16315a438e81a9d7c64c5e2b13ee3b8c795902a

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Sat, 20 Mar 2021 23:30:40 GMT
Server
nginx
ETag
"605685a0-179e"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6046
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
44727.jpg
crooksandliars.com/files/imagecache/node_horizontal/embeds/2021/03/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_horizontal/embeds/2021/03/44727.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
47d7700c59c5501f6dc6c7a3c7537ba80bba6a64054c5a0f14916219dbcd7eb4

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Sat, 20 Mar 2021 11:44:16 GMT
Server
nginx
ETag
"6055e010-127b"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4731
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
marc_siegel_031921.jpg
crooksandliars.com/files/imagecache/node_horizontal/primary_image/21/03/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_horizontal/primary_image/21/03/marc_siegel_031921.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
b48646c2bc28d9bc49ad2d43d5e01d3227672c562b9a4687d40a1237ac43cac7

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Sat, 20 Mar 2021 17:54:07 GMT
Server
nginx
ETag
"605636bf-153f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5439
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
vogel-and-maimone-3-1616183773_1.jpg
crooksandliars.com/files/imagecache/node_horizontal/primary_image/21/03/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crooksandliars.com/files/imagecache/node_horizontal/primary_image/21/03/vogel-and-maimone-3-1616183773_1.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
57e5069f5f53365a4edea596e090a79ea505dfbf69f02a9290ee8a17adaee23b

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Sat, 20 Mar 2021 16:15:19 GMT
Server
nginx
ETag
"60561f97-1722"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5922
Service-Worker-Allowed
/
Expires
Tue, 20 Apr 2021 12:01:58 GMT
latest.js
blueamerica.crooksandliars.com/widgets/latest/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blueamerica.crooksandliars.com/widgets/latest/latest.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
fd3490b3b74ff729c5d0c54febfed6cb72264c234910f085dff7beafdafac3ba

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Feb 2019 21:48:40 GMT
Server
nginx
ETag
"338a-582e72302de00-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5242
Expires
Mon, 21 Mar 2022 12:01:58 GMT
js_68f45ea9bd0191920e53b1cf421ac715.js
crooksandliars.com/files/js/ 		243 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/files/js/js_68f45ea9bd0191920e53b1cf421ac715.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
191ce7487d377a2fea7e89a32a3da1b58533f930ebc05f989f195170f8bac6ff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:57 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Jan 2021 01:55:38 GMT
Server
nginx
ETag
W/"6000f61a-3cc70"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Service-Worker-Allowed
/
Expires
Thu, 31 Dec 2037 23:55:55 GMT
loader.js
www.gstatic.com/charts/
Redirect Chain
  • https://www.google.com/jsapi
  • https://www.gstatic.com/charts/loader.js
64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/charts/loader.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d48c95e39e7dcd31ebeee1191f77770fa1cb0a4213bb84ac925406066218c841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19830
x-xss-protection
0
pragma
no-cache
last-modified
Thu, 23 Jul 2020 17:43:26 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 21 Mar 2021 11:44:33 GMT
x-content-type-options
nosniff
server
sffe
age
1044
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/charts/loader.js
cache-control
public, max-age=1800
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Sun, 21 Mar 2021 12:14:33 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
12e41081bbdc7d9dd4feb3b354ef079dd35af005df77b2a691eff83d523b9583
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
sWiKmqXh8UjJR/9HSjBlCg==
cross-origin-resource-policy
cross-origin
expires
Sun, 21 Mar 2021 12:11:24 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
x-fb-rlafr
0
x-fb-debug
CKjWux/MQrx9GL3BeHYHZHdTkiyM+JD3WSyATKZ1ltiPhe+sDSAPdrx8hD1vDihrdBCoiGS5a3auQsImQQ1qaA==
x-fb-trip-id
917726464
x-fb-content-md5
acfba2ed960fd7381633076134a26613
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 21 Mar 2021 12:01:57 GMT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"ae61cedbbeaf42638b839aff70e95069"
timing-allow-origin
*
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7C) /
Resource Hash
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 19:22:22 GMT
Server
ECS (amb/6B7C)
Age
12
Etag
"965fcfc23c3459afe3ebf42b92f31e6d+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
29026
counter.js
soapps.net/live/loader/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/loader/counter.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.84.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.84.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
98d99f501ee43f01c2bf8c2ccd679113602540d1accdf63b5b661c98d29df3da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 04:00:29 GMT
server
nginx
etag
W/"605421dd-a55d"
content-type
application/javascript; charset=UTF-8
via
1.1 google
cache-control
public, max-age=300
alt-svc
clear
x-xss-protection
1; mode=block
theme.js
crooksandliars.com/sites/all/themes/cl_theme18/static/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme18/static/js/theme.js?v=ed70e65c213e0a1c408e12
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
878ba99f69a7097fca4a1a62587981e40667d6d846ef676391962e1a31e03366

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:57 GMT
Last-Modified
Mon, 30 Nov 2020 17:46:39 GMT
Server
nginx
ETag
"5fc52fff-f64"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3940
Service-Worker-Allowed
/
Expires
Thu, 31 Dec 2037 23:55:55 GMT
v2svfVFmfR692y-_LnnShhl08-248o3qFh5AJHol-9kA088r9prIfWE8vFc-u44i_
glisteningguide.com/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://glisteningguide.com/v2svfVFmfR692y-_LnnShhl08-248o3qFh5AJHol-9kA088r9prIfWE8vFc-u44i_
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
c9c983531d4702a3ee0f87fbc9387fea952e8a521c8ddbfa49f1124c90bf5db6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"b8b1634c92c7e10b2697da139a40fe9b8b634ef55e741c708fd7b6e243005053"
vary
Accept-Encoding, Accept-Language
x-hostname
711b148b
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Sun, 21 Mar 2021 12:01:58 GMT
timing-allow-origin
*
css_967e838c4911bc72d83c9a9034eefaf5.css
crooksandliars.com/files/css/ 		674 B
1005 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/files/css/css_967e838c4911bc72d83c9a9034eefaf5.css
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
ea73965c84fbe27cdbddb8824648e3062f9a01f5858db169fbbbed7149de2408

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Last-Modified
Fri, 15 Jan 2021 01:55:38 GMT
Server
nginx
ETag
"6000f61a-2a2"
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
674
Service-Worker-Allowed
/
Expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-QXNM
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8242cc459e8ebb0fd280d91e3751ff6b55cb96a19e89f4e84c2aa0e843227b28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34806
x-xss-protection
0
expires
Sun, 21 Mar 2021 12:01:57 GMT
bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:9200:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f3fe98eee6a27b1b2c46220b8ce6180560c1f1ba145a2b381feb43d729f6f28

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jizyW4f7dfRs7qxeNlqsKWWev44_pi0m
content-encoding
gzip
last-modified
Fri, 19 Mar 2021 23:16:29 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
W/"1e280e7b91b0a69a4a65f131ef99d58a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Sun, 21 Mar 2021 12:01:57 GMT
x-amz-cf-id
qd1vKz4MH3yXbsylzYM2_EQiXn_UcDbUrnUP_3nqH8eE4QECFAwrDw==
fbevents.js
connect.facebook.net/en_US/ 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
4+MMOsrMe3aTGHXj61dePGR+e0GpauP9rN5dwoMCa4DyaHnoxC2rSDIK2oeGAitD6adgSeQ5LA0MhUVGduJwIQ==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Sun, 21 Mar 2021 12:01:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
crooksandliars.min.js
global.proper.io/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/crooksandliars.min.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
326ba52a61b90ab026617a00a08630dbbb62ade006ae67265f0a948735c3df21

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:57 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 12 Mar 2021 21:49:47 GMT
server
cloudflare
age
742152
etag
W/"604be1fb-460c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
63370750ee1405f9-FRA
cf-request-id
08f642e690000005f9af821000000001
expires
Sun, 21 Mar 2021 12:06:57 GMT
i.js
tag.bounceexchange.com/3601/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/3601/i.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
cb761113af185bd5089d7e40f9bc119ea8c60738e03e0b0c5c53253d2b62af84

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:32 GMT
content-encoding
gzip
server
fasthttp
age
25
etag
00e39bb8014ea9
content-type
text/plain; charset=utf-8
via
1.1 google
cache-control
public, max-age=60
x-region
us-central1
timing-allow-origin
*
alt-svc
clear
content-length
1366
connatix.playspace.dc.js
cds.connatix.com/p/108993/ Frame A4A2
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/108993/connatix.playspace.dc.js
1 MB
222 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/108993/connatix.playspace.dc.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8660aee083a5dbfdf7dd59c529c411bf60bf5d076903af961df89543bd379871

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
PJOeNVH5t2dw.MMehQI2Js.ml6MZlKYv
via
1.1 varnish, 1.1 varnish
etag
"dc50d840f367077ff2696c6a38937a9a"
age
165995
x-cache
HIT, HIT
x-amz-replication-status
FAILED
content-encoding
br
content-length
226968
x-served-by
cache-dca17757-DCA, cache-cdg20741-CDG
last-modified
Fri, 19 Mar 2021 12:09:52 GMT
x-timer
S1616328118.837532,VS0,VE0
date
Sun, 21 Mar 2021 12:01:57 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 556

Redirect headers

date
Sun, 21 Mar 2021 12:01:57 GMT
via
1.1 varnish
server
Varnish
age
0
x-served-by
cache-cdg20741-CDG
x-cache
HIT
location
https://cds.connatix.com/p/108993/connatix.playspace.dc.js
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
x-timer
S1616328118.749990,VS0,VE2
content-length
0
retry-after
0
x-cache-hits
0
fontawesome-webfont.woff2
crooksandliars.com/sites/all/themes/cl_theme18/static/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://crooksandliars.com/sites/all/themes/cl_theme18/static/fonts/fontawesome-webfont.woff2?h=af7ae505
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/files/css/css_9f3c2221aadcda1fabc452f9c5811b68.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://crooksandliars.com
Referer
https://crooksandliars.com/files/css/css_9f3c2221aadcda1fabc452f9c5811b68.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:57 GMT
Last-Modified
Thu, 14 May 2020 01:30:07 GMT
Server
nginx
ETag
"5ebc9f1f-12d68"
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77160
Service-Worker-Allowed
/
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://crooksandliars.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 22:46:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
393324
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Wed, 16 Mar 2022 22:46:33 GMT
zerg.js
www.zergnet.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/zerg.js?id=77779
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.30.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
2c19d6f7691358efa1d92f802a1c111754ef8d35e87539fd6a0b9cf46e8c9029

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
gzip
expires
Sun, 28 Mar 2021 12:01:58 GMT
server
nginx
content-type
application/javascript; charset=UTF-8
js
www.googletagmanager.com/gtag/ 		136 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MBSB7S97P1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2640119-1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
baf2c8403dce822be9964189b255c6bf6b435e0faa0e84c668c11712f3605aab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53540
x-xss-protection
0
expires
Sun, 21 Mar 2021 12:01:57 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ 		226 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6512936480753445&plah=crooksandliars.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86501
x-xss-protection
0
server
cafe
etag
16342648926818324530
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 21 Mar 2021 12:01:57 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/ Frame D682 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210316/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://crooksandliars.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 21 Mar 2021 04:26:34 GMT
expires
Sun, 04 Apr 2021 04:26:34 GMT
content-type
text/html; charset=UTF-8
etag
14488317231655078900
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4661
x-xss-protection
0
age
27323
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
teads-format.min.js
s8t.teads.tv/media/format/v3/ 		713 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/101830/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4cf8ea85c00336436b411304871b73b23f42b4ecf7a6cfbed1481d5e61a24b01

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:57 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-request-id
2Y5W6Z75AJPXKJSQ
content-length
194097
x-amz-id-2
+bANeor81jhPd2Yv7sZAbxRxavptMXe+9Y7DiQbUwktOJ+oiKAbEiiHv1o4fUAmv1tl5PrY9AKw=
last-modified
Wed, 17 Mar 2021 13:25:26 GMT
etag
"6739c87e4122e8feccf20a9bf2501bc3"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials
false
x-bucket
6
accept-ranges
bytes
access-control-allow-headers
*
expires
Sun, 21 Mar 2021 12:31:57 GMT
400762440991062
connect.facebook.net/signals/config/ 		240 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/400762440991062?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
13b1c4180a83ae550d826fafc987187ef8df5cee704f7a84739c4de3abbff358
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70488
x-fb-rlafr
0
pragma
public
x-fb-debug
V81K4WbH6pgfa3jDa5b5hpFqnAi0BbX0oK/HfJ68KTaoZc8SSCcGIvkO9ZKHHb7kfmJMKlMVVjxGcR28aDhxJg==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Sun, 21 Mar 2021 12:01:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
abc.txt
static.avantisvideo.com/data/ 		30 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=419955f2-1ca2-4dd8-a68e-332882485bbd&tagId=2&subId=&callback=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9771bb018b89d73235e7d0d438119bf0f9d79e82bac5e9d17f3d4fbe34d03ea1

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 21 Mar 2021 12:01:57 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Mar 2021 11:16:46 GMT
Server
AmazonS3
x-amz-request-id
7Z55Z2K10TJ02QBF
ETag
"65ee261d15ef71fbd9a0a2af908f37c1"
Vary
Accept-Encoding
Content-Type
text/plain
Access-Control-Allow-Origin
*
CDN-Origin-Protocol
HTTP
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
6561
x-amz-id-2
Np1W03izzAi5Kwr/CyZV2Z6CG4zkZa954gP78kA7G2aFXmW2PrwDMaOiW3f4wZvv7a7T/6jgZYo=
fe0b59aa-e3f5-45e6-b63b-afd37926378e.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/ 		345 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/fe0b59aa-e3f5-45e6-b63b-afd37926378e.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/bf354797-2feb-4d2a-ad39-b31b027bc5f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:9200:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25bdc561b0e244ac740feddb2e7291868609c7664c46e96b9fc100b4f0e26f4f

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ojZuKHu9GbixWcX.bISHe3.iJjmE6wi2
content-encoding
gzip
last-modified
Fri, 19 Mar 2021 23:16:29 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
etag
W/"7e7813c75f1a2484760fdfa3dbf0f4da"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Sun, 21 Mar 2021 12:01:57 GMT
x-amz-cf-id
v1_ux8y9Ymbei41PHjRYpMxXL3lDGrpOo9NBqn0AUtbsA00OCum7vQ==
collect
www.google-analytics.com/g/ 		0
164 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MBSB7S97P1&gtm=2oe3a0&_p=1393776533&sr=1600x1200&ul=en-us&cid=652369582.1616328118&_s=1&dl=https%3A%2F%2Fcrooksandliars.com%2F&dt=Progressive%20news%20and%20media%20coverage%20on%20Crooks%20and%20Liars&sid=1616328117&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MBSB7S97P1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:01:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2640119-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
2012
date
Sun, 21 Mar 2021 11:28:25 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sun, 21 Mar 2021 13:28:25 GMT
/
www.facebook.com/tr/ 		44 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=400762440991062&ev=PageView&dl=https%3A%2F%2Fcrooksandliars.com%2F&rl=&if=false&ts=1616328117960&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616328117959.1370589910&it=1616328117890&coo=false&rqm=GET
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 21 Mar 2021 12:01:57 GMT
connatix.playspace.css
cds.connatix.com/p/108993/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/108993/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e1d09387f62774dbb03e6b7c8404f8ccadb06a747b60571f8f080213820cab9

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xrvBeDthf6ngVjnP_sehGc.6VrygvLVT
via
1.1 varnish, 1.1 varnish
etag
"a2e4815b59a14d0ee11b3bde797ef7e0"
age
157554
x-cache
HIT, HIT
x-amz-replication-status
FAILED
content-encoding
br
content-length
14290
x-served-by
cache-dca17760-DCA, cache-cdg20741-CDG
last-modified
Fri, 19 Mar 2021 12:09:52 GMT
x-timer
S1616328118.040794,VS0,VE0
date
Sun, 21 Mar 2021 12:01:58 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 17406
latest.js
global.proper.io/payloads/ 		319 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/crooksandliars.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Jan 2021 15:33:24 GMT
server
cloudflare
age
538840
etag
W/"5fff12c4-4fbd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
63370751bf4a05f9-FRA
cf-request-id
08f642e713000005f9893d2000000001
expires
Sun, 21 Mar 2021 12:06:58 GMT
u_d.html
cdn1.avantisvideo.com/connect/ Frame 6E1F 		42 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=419955f2-1ca2-4dd8-a68e-332882485bbd&tagId=2&subId=&callback=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8418203f6ad21d8aa71baba1b849f312a50e38580bccfbbb7d6f7f7eec16cbdb

Request headers

Host
cdn1.avantisvideo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://crooksandliars.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

x-amz-id-2
Iooa4w3PM3UBsxN2hz6MkG1HhLD4SIcDDSBumQho1ZI+rxld+gBT+3PBoxU4RyF+f6ERe2RubZ8=
x-amz-request-id
9R0G9G5X3YFV8Z9J
Last-Modified
Wed, 21 Oct 2020 12:02:12 GMT
ETag
"616cd2f36203ae3b124d70c803c7c7a7"
x-amz-version-id
aQTt0EDrJInn5h7oZRa4YKcA5m0mCAoF
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sun, 21 Mar 2021 12:01:58 GMT
Content-Length
15090
Connection
keep-alive
X-Forward-Proto
http
CDN-Origin-Protocol
HTTP
collect
www.google-analytics.com/j/ 		2 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1393776533&t=pageview&_s=1&dl=https%3A%2F%2Fcrooksandliars.com%2F&ul=en-us&de=UTF-8&dt=Progressive%20news%20and%20media%20coverage%20on%20Crooks%20and%20Liars&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAUABAAAAAC~&jid=1603772550&gjid=289200097&cid=652369582.1616328118&tid=UA-2640119-1&_gid=842940598.1616328118&_r=1&cd1=%20front_page&cd5=front_page&gtm=2ou3a0&z=1295634378
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:01:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
geoip.insticator.com/json/ 		234 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/fe0b59aa-e3f5-45e6-b63b-afd37926378e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.218.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
85442ce38509361f806c88309ba7c5bffabc3d758c83d40ad183a850e4effb3e

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:01:58 GMT
access-control-allow-credentials
true
x-database-date
Sat, 20 Mar 2021 18:11:45 GMT
content-length
234
vary
Origin
content-type
application/json
usertracking
b2c.insticator.com/v3/pages/ Frame 3E34 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c.insticator.com/v3/pages/usertracking
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/fe0b59aa-e3f5-45e6-b63b-afd37926378e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.218.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

:method
GET
:authority
b2c.insticator.com
:scheme
https
:path
/v3/pages/usertracking
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://crooksandliars.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-type
text/html; charset=UTF-8
content-length
2821
etag
908c53a9-94f1-4113-b229-fd9a17609ed5
vary
Accept-Encoding,Origin
pragma
max-age=3600
cache-control
max-age=3600
content-encoding
gzip
instbid-3.27.1-lineate.js
df80k0z3fi8zg.cloudfront.net/files/ 		341 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instbid-3.27.1-lineate.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/fe0b59aa-e3f5-45e6-b63b-afd37926378e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:c00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bdff3474a2489fdebb5d89b7d8306de879cccf19c19c035f3e0874058a9247c

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1Itu7toNKop.2NOnx2uGNcPGoqx61L3u
content-encoding
gzip
last-modified
Wed, 24 Feb 2021 22:23:27 GMT
server
AmazonS3
age
13767
etag
W/"a21d26500c25e2f27a6f7f33a8758ff4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c51e3be89c14e3f859ea898f7e36eced.cloudfront.net (CloudFront)
date
Sun, 21 Mar 2021 08:13:15 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
AnETFclajoeSdBeAmBRtEEy2DWFFIZ1inHBq4m4HJeL1EbzoJSZ_Nw==
config.js
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 		78 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/fe0b59aa-e3f5-45e6-b63b-afd37926378e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0852f70cade68133654a89906c057fe93240aba1027c8808be21cb1a6cc827a4

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Content-Encoding
gzip
Age
3380
X-Cache
HIT
Connection
keep-alive
Content-Length
18429
x-amz-id-2
/mzNaqMp4TXJb+rni+tyHq3E5cfSi7I5xj4SMOwhfxS1x7yBSE6lxpkzFdj/CWGQI49P8M1xF/c=
X-Served-By
cache-fra19131-FRA
Last-Modified
Sun, 21 Mar 2021 10:49:14 GMT
Server
AmazonS3
X-Timer
S1616328118.166642,VS0,VE0
ETag
"e821c8ed2fc1254fcf843f9022a8e101"
x-amz-request-id
3RE4KQ15XC039BEE
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
68
apstag.js
c.amazon-adsystem.com/aax2/ 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/fe0b59aa-e3f5-45e6-b63b-afd37926378e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 11:55:23 GMT
content-encoding
gzip
server
Server
age
394
etag
d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
x-amz-cf-id
HCZDSxQ2y9FB2Cq1UTufsyfYKS3qPyfdiQbKYJyd_dgNLsrFRMCduA==
cookie.js
partner.googleadservices.com/gampad/ 		208 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=crooksandliars.com&callback=_gfp_s_&client=ca-pub-6512936480753445
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6512936480753445&plah=crooksandliars.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
674631006d66a8e3ef197f47254a1856b96120fefcc4985a15c5b53b090a66c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6512936480753445&plah=crooksandliars.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6512936480753445&plah=crooksandliars.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AD99 		54 B
596 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6512936480753445&output=html&adk=1812271804&adf=3025194257&lmt=1616328003&plaf=1%3A1&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&plach=6916694011%2C%2B%2C%2B%2C%2B%2C%2B&format=0x0&url=https%3A%2F%2Fcrooksandliars.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616328117862&bpp=13&bdt=594&idt=240&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7948317617749&frm=20&pv=2&ga_vid=652369582.1616328118&ga_sid=1616328118&ga_hid=1393776533&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737458%2C31060049%2C44739387&oid=3&pvsid=380682836778858&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=268
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6512936480753445&plah=crooksandliars.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6512936480753445&output=html&adk=1812271804&adf=3025194257&lmt=1616328003&plaf=1%3A1&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&plach=6916694011%2C%2B%2C%2B%2C%2B%2C%2B&format=0x0&url=https%3A%2F%2Fcrooksandliars.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616328117862&bpp=13&bdt=594&idt=240&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7948317617749&frm=20&pv=2&ga_vid=652369582.1616328118&ga_sid=1616328118&ga_hid=1393776533&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44737458%2C31060049%2C44739387&oid=3&pvsid=380682836778858&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=268
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://crooksandliars.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 21 Mar 2021 12:01:58 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 21-Mar-2021 12:16:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 21 Mar 2021 12:01:58 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6512936480753445&plah=crooksandliars.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Sun, 21 Mar 2021 12:01:58 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-2640119-1&cid=652369582.1616328118&jid=1603772550&gjid=289200097&_gid=842940598.1616328118&_u=IADAAUAAAAAAAC~&z=362122954
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 21 Mar 2021 12:01:58 GMT
content-type
text/plain
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
story
capi.connatix.com/core/ Frame A4A2 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=108993
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
763e34b6faeec7c983f38c580d9cbb29730484b1d4910697ccd4da614b8a1556

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://crooksandliars.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
936
ga-audiences
www.google.com/ads/ 		42 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-2640119-1&cid=652369582.1616328118&jid=1603772550&_u=IADAAUAAAAAAAC~&z=1135522835
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:01:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-2640119-1&cid=652369582.1616328118&jid=1603772550&_u=IADAAUAAAAAAAC~&z=1135522835
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:01:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
gzip
etag
"YoFsxqR3BwPygbSjh02Dug=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 28 Mar 2021 12:01:58 GMT
delivery.js
assets.newsmaxwidget.com/master/ 		320 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.newsmaxwidget.com/master/delivery.js
Requested by
Host: static.newsmaxfeednetwork.com
URL: https://static.newsmaxfeednetwork.com/web-clients/bootloaders/TdUGmQOcTfm6Or8W2H9nVT/bootloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6557d698e6629071be5da47542f295fcb2426f361fa0d4f470cc3d28137f169

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 14:29:54 GMT
server
AmazonS3
x-amz-request-id
5BXBHV7WERQKE24W
etag
"201e8c84688b9794bf5f0de1e422d327"
x-hw
1616328118.cds044.pa1.hn,1616328118.cds227.pa1.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
88116
x-amz-id-2
0CEuSS26HEUii0qd8ZRDoDpbqpmdU0YduV9S0Mx2SEmzbBgV5cov9FL3AY7P6gw5m6r+7MNr5cU=
generic
trends.newsmaxwidget.com/event/ 		0
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.newsmaxwidget.com/event/generic?t=e0BexIGnHI9%2BpNjG49wkYEyVM4y3BQNxwkTNY7a7dgvvBvz6%2FYgrimsvlkxxk7S%2BA%2FaojW3WOF3%2FGbHkr3qzjPKHxbgzvCAowRUaLS4dKWY%3D&e=adapty&s[ref]=https%3A%2F%2Fcrooksandliars.com%2F&s[hash]=TdUGmQOcTfm6Or8W2H9nVT
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.239.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-239-84.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Mar 2021 12:01:58 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
counter.js
secure.statcounter.com/counter/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.statcounter.com/counter/counter.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5086d4f97bc3ee70971c51e89fa6ae25ff054accec7c4e890b1083ee7bcc9ab

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Jan 2021 10:15:35 GMT
server
cloudflare
age
4615
etag
W/"6006b147-98f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43200
cf-ray
633707537e0b089b-CDG
cf-request-id
08f642e8300000089b91980000000001
expires
Sun, 21 Mar 2021 22:45:03 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Server
44.237.126.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-126-120.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://cdn1.avantisvideo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
geoip
avm.avantisvideo.com/api/v1/ Frame 6E1F 		108 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.126.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-126-120.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b812b97d1e2f7ca8ae8391aca9bf10e2e154db8ac62bd82bb8e6990d86bf289a
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Origin
content-length
108
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Sun, 21 Mar 2021 12:01:58 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
wrap.js
confiant-integrations.global.ssl.fastly.net/gpt/202103091517/ 		195 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gpt/202103091517/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98c6e0838ef56e75a3d90be996ca6e47d87483fb9d7b4148cdd56acb7b133cb8

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Content-Encoding
gzip
Age
76
X-Cache
HIT
Connection
keep-alive
Content-Length
59634
x-amz-id-2
6rNbBEBRZjumx2HPjFNTMoZ69mloeT76xwrThjfzyLjpS8IqaShsWVtR0s0lthNdRt6TuMVj62o=
X-Served-By
cache-fra19131-FRA
Last-Modified
Tue, 09 Mar 2021 20:18:13 GMT
Server
AmazonS3
X-Timer
S1616328118.298615,VS0,VE0
ETag
"ac59bed9604ac24662a02b9b73fcedfa"
x-amz-request-id
1YABMSBHJ55V841F
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
40
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/202103091517/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c92d8e0768f7e692715c3bc8625e0b0b7e0d894a33ebfc89ffb7b4493f06e410

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Content-Encoding
gzip
Age
280
X-Cache
HIT
Connection
keep-alive
Content-Length
27391
x-amz-id-2
XjT28ROiu1BlXyCZizq98kXspaBF4WcVLETObJIFXuAOsjTuGCbIChujhjX6vPoOgKhP65cRR2c=
X-Served-By
cache-fra19131-FRA
Last-Modified
Tue, 09 Mar 2021 20:18:15 GMT
Server
AmazonS3
X-Timer
S1616328118.353449,VS0,VE0
ETag
"819c0632346033b324ee7a396f29b19e"
x-amz-request-id
DHHQ4RAFYTCP8D9M
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
154
output.js
www.zergnet.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zergnet.com/output.js?id=77779&time=1616328118287&sc=1&callback=json4007873
Requested by
Host: www.zergnet.com
URL: https://www.zergnet.com/zerg.js?id=77779
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.30.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
19ca57771efc8e428a80bfa166b06efdcb1b0dcc38712b27d4f1d16476ca6ec8

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
gzip
server
nginx
p3p
CP="ZergNet does not have a P3P policy. Learn why here: http://www.zergnet.com/p3p"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
application/javascript; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 06:13:52 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
20887
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Sat, 06 Mar 2021 01:32:40 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
mLe1Fw7b8eVaoB9s3LJgup5hgurc5iQIkeMhWRZ29eQPLbDcTvcciA==
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		3 B
347 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:1c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 11:38:31 GMT
via
1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 02:39:21 GMT
server
AmazonS3
age
1408
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
jpNHgkhg9EcN30Ntgj3ud7ybmMyPa9EQUx2dTXNg4b7YsXOoDI6ygg==
pixel;r=782360796;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fcrooksandliars.com%2F;uht=2;fpan=1;fpa=P0-654237293-1616328118340;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=crooksandli...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=782360796;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fcrooksandliars.com%2F;uht=2;fpan=1;fpa=P0-654237293-1616328118340;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=crooksandliars.com;je=0;sr=1600x1200x24;dst=1;et=1616328118340;tzo=-60;ogl=
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:01:58 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
usersync
usync.proper.io/v1/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_76f22ac1_d47332f1_1
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_76f22ac1_d47332f1_1&verify=true
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-K0gTRzxE2uH.o7Tl_RfMiTcOmD285_I1~A
155 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-K0gTRzxE2uH.o7Tl_RfMiTcOmD285_I1~A
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.13.149.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-13-149-62.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
6ee7edbd2cfc07cce71309592739315a3fb7667db35fa483a5de1c5c832f4581

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Mar 2021 12:01:59 GMT
server
nginx/1.18.0
content-length
155
content-type
text/javascript

Redirect headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-K0gTRzxE2uH.o7Tl_RfMiTcOmD285_I1~A
Connection
keep-alive
Content-Length
0
config.js
confiant-integrations.global.ssl.fastly.net/TzdoClhg0h30W2CCYiFFb2rl5ww/gpt_and_prebid/ 		63 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/TzdoClhg0h30W2CCYiFFb2rl5ww/gpt_and_prebid/config.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b1aa47dc36e365ea5cfabfd1f8ae8721acbef4e91ee53dc4160e8e424ae830e

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Content-Encoding
gzip
Age
554
X-Cache
HIT
Connection
keep-alive
Content-Length
16157
x-amz-id-2
CuaN9bNg3hDPBPaxnAbUHouyJlrpSlcs5D+c0jVg3VyO3VR7IYSx/yTWwvwR8h5JAXielrzbPeY=
X-Served-By
cache-fra19176-FRA
Last-Modified
Sun, 21 Mar 2021 11:42:37 GMT
Server
AmazonS3
X-Timer
S1616328118.365803,VS0,VE1
ETag
"e5e77a362b17f234fe39fb07ddf99e40"
x-amz-request-id
ZRVBM9FDQVMZJYB6
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
1
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
02d3139d9930000d7ac0590a61c938c24a47b96b998669637c08669166f95f9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"818 / 761 of 1000 / last-modified: 1616191964"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19836
x-xss-protection
0
expires
Sun, 21 Mar 2021 12:01:58 GMT
bidding
bids.proper.io/api/ 		0
0
arj
propermedia-d.openx.net/w/1.0/ 		173 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fcrooksandliars.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&aus=728x90%2C970x90%2C970x250%7C160x600%2C300x250%2C300x600%7C160x600%2C300x250%2C300x600%7C300x250%7C300x250%7C728x90&auid=540403958%2C540403959%2C540403960%2C540403962%2C540403963%2C540721433&aumfs=100%2C100%2C100%2C100%2C100%2C100&dddid=90d69b61-1d6a-4884-bbd1-c4ede4cd6c95%2Ceb21dd3f-b269-43dc-b1e9-b2acdbc3ef1b%2C8d9eae28-ba96-4834-b2f4-7b6010a93a5c%2C1e46b750-bd18-4f13-95bc-be5a2a7468df%2C4714b9f6-bf33-4212-a20a-61041fd9ae56%2Ccc2b34d3-37ba-4760-aeb9-0bb077511dfb&divIds=openx-042c3eff-2303-4118-867b-0d99c2336e74%2Copenx-3c0654a5-11ca-4cf6-8098-412fbb432941%2Copenx-35681434-0833-49a4-95c7-ace44e73d266%2Copenx-3a71e2ce-a307-41bf-a5e8-1b88052792a7%2Copenx-13e67ce2-cbb8-40b2-9a6a-66166cabfd21%2Copenx-ec958c19-d59f-4fff-a5eb-40403f55f424&be=1&bc=hb_pb_3.0.1&nocache=1616328118361&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
fd4e97254cec754fa8c045fa27ffd11e4f6942e523db1a75833025b0ea6d0467

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://crooksandliars.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
hb.emxdgt.com/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1000&ts=1616328118362
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 21 Mar 2021 12:01:57 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		837 B
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=238568&zone_id=1176710&size_id=2%3B2%3B15%3B15%3B15%3B15&alt_size_ids=57%3B%3B9%2C10%3B9%2C10%3B%3B&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=4ce6d0c5-3c23-4dc4-b826-f96775ac47ff%3Bd95c8bd5-ca82-44a2-8ebf-faee24b6ba25%3B296b8830-62fc-4fed-8c4a-fbf0a105df68%3B3c768737-8517-4e39-9dd8-bd7173e70942%3B87305027-630d-4b87-9dc8-8953e5aa9537%3Bc11e3e3c-2c43-4670-9419-dc7e31d910da&p_screen_res=1600x1200&tg_fl.eid=1176710-5%3B1176710-6%3B1176710-1%3B1176710-2%3B1176710-3%3B1176710-4&rf=https%3A%2F%2Fcrooksandliars.com%2F&x_source.pchain=proper.io%3Ae5961d07-eb92-11e9-a488-69e3386c7506&rp_schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&slots=6&rand=0.052499947955986004
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.41 , United Kingdom, ASN (),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a99f6f159973dea250e82a14f46bfd4ae8b3ae76436e64cb47cdcede6bba8474

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:01:58 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
837
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ 		45 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.26.0
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
54cd1be1701f6b8897588512c0fe5f88bcd78731a51f5c06877264a8b5bf0d0b

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://crooksandliars.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
65
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=-60&buster=1616328118364&secure=true&version=9&mobile=false&title=Progressive%20news%20and%20media%20coverage%20on%20Crooks%20and%20Liars&url=https%3A%2F%2Fcrooksandliars.com%2F&measurable=true&property=5c7dc3ee68958f00125bb54c&bids[0][bidId]=crooksandliars_300x250&bids[0][sizes][0][width]=300&bids[0][sizes][0][height]=250&foo
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.61.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
9701e9e558ff961dd9aba76d28a6e0a30c9109e0f10de723900f3c95f850ab88

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:01:59 GMT
x-powered-by
Express
etag
W/"38-dmukq9tlX96Wds8iEylZ4gLM6oM"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=pn5JiZ1w14hHksqGyAziYrrZ&bidId=pn5JiZ1w14hHksqGyAziYrrZ&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:01:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=qEuK1gtPXLZNEzojFC4yxwTf&bidId=qEuK1gtPXLZNEzojFC4yxwTf&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:01:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=KPmFNstvKZhZoZkaJi8hg4Po&bidId=KPmFNstvKZhZoZkaJi8hg4Po&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:01:58 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=QJJoshB5L8QGo1Z8uwJS6UtJ&bidId=QJJoshB5L8QGo1Z8uwJS6UtJ&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.167.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:01:58 GMT
access-control-allow-credentials
true
vary
Origin
mvo
tag.1rx.io/rmp/78983/0/ 		0
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/78983/0/mvo?z=1r&hbv=3.26,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.19.147.210 , United Kingdom, ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://crooksandliars.com
Pragma
no-cache
Date
Sun, 21 Mar 2021 12:01:58 GMT
Cache-Control
private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Server
Tengine
Connection
keep-alive
translator
hbopenbid.pubmatic.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:01:56 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		694 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN (),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3d2071a311576a54fb725a98e3a5c098fb83f23eb807fd9e99656735f881a107
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.207.148; 217.138.207.148; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.68:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
79ee6bdb-b140-4b79-9ed7-7ebf2a6d8b6c
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		712 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN (),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e2f794ed9dbff623e26c28f7f2aa46819344bef9eaad9cb396625fdda0a00c4a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.207.148; 217.138.207.148; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.154:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7bd1ff08-c0a8-43e7-908f-5e01a8452d86
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=29&wv=3.26.0&cb=7924031774&im=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:01:57 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
headertag
as-sec.casalemedia.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headertag?v=9&s=161112&r=%7B%22id%22%3A%22251486763%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F%22%2C%22ref%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-bVUy9%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-bVUy9%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22728x90-2-1FRqn%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-1FRqn%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22160x600-1-ivbGe%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-1-ivbGe%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22160x600-2-OAeV2%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-2-OAeV2%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-1-TzVi0%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-TzVi0%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-2-TDHNm%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-TDHNm%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-3-X9hfu%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-X9hfu%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x250-4-kcdvP%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-4-kcdvP%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x600-1-B5bhl%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-B5bhl%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22300x600-2-Uiyiw%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-2-Uiyiw%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22970x250-1-DIaiz%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22970x250-1-DIaiz%22%2C%22siteID%22%3A333149%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%7D&t=300&fn=window.proper_34af668f_8eb63ee6_2
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bf3b6cac3c99b6d5f97ac952d13e9cd4cc48a51c5c518cdb95046bc2d1516f34

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:01:59 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1463
Expires
Sun, 21 Mar 2021 12:01:59 GMT
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
hb
ssc.33across.com/api/v1/ 		0
0
t.php
c.statcounter.com/ 		367 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?u1=F748CF6829774FDB89293200E3164A1D&sc_project=8624509&java=1&security=4af12c5c&sc_snum=1&sess=830817&sc_rum_e_s=2207&sc_rum_e_e=2211&sc_rum_f_s=0&sc_rum_f_e=2176&p=0&rcat=d&rdom=d&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//crooksandliars.com/&t=Progressive%20news%20and%20media%20coverage%20on%20Crooks%20and%20Liars&get_config=true
Requested by
Host: secure.statcounter.com
URL: https://secure.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a6fe2b43f3b2ba33fa7f3458cee544586d9e0bf2ddc080dfd1bd0a0f6f47bcb

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
633707540fb0089b-CDG
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
content-type
application/json
cf-request-id
08f642e8810000089bb7bf3000000001
expires
Mon, 26 Jul 1997 05:00:00 GMT
rules-p-BPccr2KyQ9KB9.js
rules.quantcount.com/ 		3 B
356 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-BPccr2KyQ9KB9.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:1c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 11:57:52 GMT
via
1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 23:52:35 GMT
server
AmazonS3
age
247
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Error from cloudfront
content-type
application/x-javascript
cache-control
max-age=300
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
a1dlqs6Jfbl7K1-JuOZl459_kImKnUoYdJkE6x212TxukaU3UTrAVw==
pixel;r=1856204699;rf=3;a=p-BPccr2KyQ9KB9;url=https%3A%2F%2Fcrooksandliars.com%2F;uht=2;fpan=0;fpa=P0-654237293-1616328118340;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=crooksandl...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1856204699;rf=3;a=p-BPccr2KyQ9KB9;url=https%3A%2F%2Fcrooksandliars.com%2F;uht=2;fpan=0;fpa=P0-654237293-1616328118340;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=crooksandliars.com;je=0;sr=1600x1200x24;dst=1;et=1616328118451;tzo=-60;ogl=
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:01:58 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
3x2bgk7ht2
www.clarity.ms/tag/ 		862 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/3x2bgk7ht2
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::19 , United States, ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
a2a888d43fd28422a665bbe2d732a247b1e25bd0de93601651f58216a01cc200

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
gzip
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache, no-store
x-azure-ref
0tjVXYAAAAADr+QvCrl+eSL5XmwQPFyHURlJBRURHRTEwMTgANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context
appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695
expires
-1
collect
www.google-analytics.com/ 		35 B
86 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j88&a=1393776533&t=event&_s=2&dl=https%3A%2F%2Fcrooksandliars.com%2F&ul=en-us&de=UTF-8&dt=Progressive%20news%20and%20media%20coverage%20on%20Crooks%20and%20Liars&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=breakpoint-xlg-home&_u=KADAAUABAAAAAC~&jid=&gjid=&cid=652369582.1616328118&tid=UA-2640119-1&_gid=842940598.1616328118&cd1=%20front_page&cd5=front_page&gtm=2ou3a0&did=i5iSjo&z=1779509973
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Mar 2021 22:56:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47102
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=debug-bts&fv=690&ts=1616328118460&env=js-web&pageId=101830&pid=30901&auctid=faf879aa-25b1-4b69-a6ff-2433732ced77&f=1&debug_metadata=wb&referer=https%3A%2F%2Fcrooksandliars.com%2F
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.56 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a104-76-201-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=faf879aa-25b1-4b69-a6ff-2433732ced77&pageId=101830&pid=30901&debug_metadata=PBVev9uxEX&fv=690&ts=1616328118462&f=1&referer=https%3A%2F%2Fcrooksandliars.com%2F
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.56 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a104-76-201-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=faf879aa-25b1-4b69-a6ff-2433732ced77&pageId=101830&pid=30901&slot=corner&fv=690&ts=1616328118470&f=1&referer=https%3A%2F%2Fcrooksandliars.com%2F
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.56 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a104-76-201-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
ad
a.teads.tv/page/101830/ 		519 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/101830/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fcrooksandliars.com%2F&page=%7B%22id%22%3A101830%2C%22placements%22%3A%5B%7B%22id%22%3A30901%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A523%2C%22height%22%3A294%7D%2C%22slotType%22%3A%22corner%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=faf879aa-25b1-4b69-a6ff-2433732ced77&formatVersion=2.22.61&env=js-web&netBw=10&ttfb=249
Requested by
Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c2d61dbcf89212fc5395085521d264e5648ecf868dc9950ba3ea14a777102870

Request headers

Accept
application/json; charset=UTF-8
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://crooksandliars.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
342
expires
Sun, 21 Mar 2021 12:01:58 GMT
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1616328118474&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1616328118474&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...
43 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1616328118474&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=44557933&cs_ucfr=&cs_ak_ss=1
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.115.49 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-25-115-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:01:58 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1616328118474&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=44557933&cs_ucfr=&cs_ak_ss=1
Pragma
no-cache
Date
Sun, 21 Mar 2021 12:01:58 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
ijs_all_modules_83c0f4e60b0392ce70c6ccf2e686230c.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		479 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_83c0f4e60b0392ce70c6ccf2e686230c.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/3601/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4605d4fa553d68a48aeed6c35e93e7a7c8dfa63c35683ca6ea04dcab48a5fc2a

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 08:14:40 GMT
content-encoding
gzip
age
186439
x-guploader-uploadid
ABg5-UwtPTJCXeOVJGd_F-JqQu30LC4xUBYb9o28o4PxAYHYHF9l4sRgB0RPMO4hh1W_XRQUdHdTCri3j9fTKtsMyzcV8FSQfg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
115050
last-modified
Tue, 16 Mar 2021 14:50:23 GMT
server
UploadServer
etag
"4a2d53a4ee7dad5060267d01dcf1aa34"
vary
Accept-Encoding
x-goog-hash
crc32c=pFLuSQ==, md5=Si1TpO59rVBgJn0B3PGqNA==
x-goog-generation
1615906223770791
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
115050
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 19 Mar 2022 08:14:40 GMT
/
blueamerica.crooksandliars.com//widgets/latest/ Frame EF3F 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blueamerica.crooksandliars.com//widgets/latest/?num=5
Requested by
Host: blueamerica.crooksandliars.com
URL: https://blueamerica.crooksandliars.com/widgets/latest/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx / PHP/7.3.14
Resource Hash
5cc2c3810e4b3c6f15f7399c87afc16b4718561cc4ccbfb2de6ed1d2491ecda3

Request headers

Host
blueamerica.crooksandliars.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://crooksandliars.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
_fbp=fb.1.1616328117959.1370589910; _ga=GA1.2.652369582.1616328118; _gid=GA1.2.842940598.1616328118; _gat_gtag_UA_2640119_1=1; __gads=ID=99559003c82aac8b-22bbaa44d6ba008b:T=1616328118:RT=1616328118:S=ALNI_MbwTzgOBBXCXJF9H_h2GSsFW_SjPg; properSessionData=eyJ1dWlkIjoiZjQyMzViNTYtZTYyYS00MThjLWIxNjQtN2YwMzcyZDgyZjgyIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fdGVybSI6IiIsInV0bV9jb250ZW50IjoiIiwicmV2ZW51ZSI6MH0=; __qca=P0-654237293-1616328118340; sc_is_visitor_unique=rx8624509.1616328118.F748CF6829774FDB89293200E3164A1D.1.1.1.1.1.1.1.1.1; _ga_MBSB7S97P1=GS1.1.1616328117.1.0.1616328118.0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

Server
nginx
Date
Sun, 21 Mar 2021 12:01:58 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
743
Connection
keep-alive
X-Powered-By
PHP/7.3.14
Cache-Control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
gpt.js
www.googletagservices.com/tag/js/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/fe0b59aa-e3f5-45e6-b63b-afd37926378e.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c898a2e3974c68708e2d5569e522f376dcf19c627de3718e3ce18d26772bda8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"818 / 573 of 1000 / last-modified: 1616191964"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19836
x-xss-protection
0
expires
Sun, 21 Mar 2021 12:01:58 GMT
sdk.js
connect.facebook.net/en_US/ 		197 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=c1e5614b4a53caed06e32886de1c0a6d&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
47e7164f5ed832383ec96b33c61bdd7708cd670865e10c228f81a7d08fdffc70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://crooksandliars.com
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
NPOp9E9TbLRBm4BNkEdjRQ==
cross-origin-resource-policy
cross-origin
expires
Mon, 21 Mar 2022 11:15:45 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60836
x-fb-rlafr
0
x-fb-debug
qHIjlEFPah9x2lgewGmDxm5d7furwq7CAroN2xIaWNf2tQ8h5v5T+4Fs7OQjFJ0BHZTWdYoyvUf3F0gWtcpBwQ==
x-fb-trip-id
2050670934
x-fb-content-md5
3eb9bcf4323779ee5ccf28d07e9fbc8b
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 21 Mar 2021 12:01:58 GMT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"d6d12803f27bf77f68def47acce4dafb"
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html
platform.twitter.com/widgets/ Frame AD9F 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fcrooksandliars.com
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B9E) /
Resource Hash
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://crooksandliars.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
918695
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 21 Mar 2021 12:01:58 GMT
Etag
"e9ffeb87a3b6f068499be71966b442d9+gzip"
Last-Modified
Wed, 03 Mar 2021 19:20:25 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B9E)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105690
getThreadsCounters
soapps.net/live/comments/api/externalAPI/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/comments/api/externalAPI/getThreadsCounters
Protocol
H2
Server
35.201.84.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.84.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Sun, 21 Mar 2021 12:01:59 GMT
content-length
0
requestid
110e8495-43f8-40f0-ac90-452fc6f4fb47
access-control-allow-origin
https://crooksandliars.com
vary
Origin, Access-Control-Request-Headers
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers
content-type
x-content-type-options
nosniff
x-xss-protection
1; mode=block
via
1.1 google
alt-svc
clear
getThreadsCounters
soapps.net/live/comments/api/externalAPI/ 		148 B
226 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/comments/api/externalAPI/getThreadsCounters
Requested by
Host: soapps.net
URL: https://soapps.net/live/loader/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.84.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
252.84.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c35fa444a75c5b5493ba609fb5f26e9fea09551d46b74050779a30f6ff7b3873
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Mar 2021 12:01:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
https://crooksandliars.com
requestid
509fd9ea-41cc-4df9-9398-cc8befd56822
vary
Origin
content-type
application/json
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ 		44 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=400762440991062&ev=Microdata&dl=https%3A%2F%2Fcrooksandliars.com%2F&rl=&if=false&ts=1616328118552&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Progressive%20news%20and%20media%20coverage%20on%20Crooks%20and%20Liars%22%2C%22meta%3Adescription%22%3A%22A%20progressive%20news%20blog%20focusing%20on%20political%20events%20and%20the%20news%20coverage%20of%20them%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5B%5D%2C%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40graph%22%3A%5B%7B%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F%22%2C%22logo%22%3A%22https%3A%2F%2Fcrooksandliars.com%2Ffiles%2Fcl_theme_logo.png%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fcrooksandliars.com%2Fsolr%2F%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%2C%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Crooks%20and%20Liars%22%2C%22url%22%3A%22https%3A%2F%2Fcrooksandliars.com%22%2C%22logo%22%3A%22https%3A%2F%2Fcrooksandliars.com%2Ffiles%2Fcl_theme_logo.png%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Fcrooksandliars.site%22%2C%22https%3A%2F%2Ftwitter.com%2Fcrooksandliars%22%2C%22https%3A%2F%2Fplus.google.com%2F%2Bcrooksandliars%22%2C%22https%3A%2F%2Fcrooksandliars.tumblr.com%2F%22%5D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1616328117959.1370589910&it=1616328117890&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 21 Mar 2021 12:01:58 GMT
6364434_300.jpg
img5.zergnet.com/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img5.zergnet.com/6364434_300.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.37 , United States, ASN (),
Reverse DNS
server-13-226-159-37.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
596e15b10954cf1951b9262cc881640a7615eb2835ac54ca34006c35438ee1b8

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 19:22:30 GMT
Via
1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 19 Mar 2021 19:05:35 GMT
Server
AmazonS3
Age
146369
ETag
"88e5925aa77bfa85c927a11449040cfd"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
23744
X-Amz-Cf-Id
TfgapqpwKirK3e52yCqOgyua1GxKPHjfkpbNtFixHMtwLEjEOPkq5Q==
Expires
Sat, 19 Mar 2022 19:05:34 GMT
6362882_300.jpg
img5.zergnet.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img5.zergnet.com/6362882_300.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.37 , United States, ASN (),
Reverse DNS
server-13-226-159-37.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82d8c0f4570d34a35aa40ed053b4dcdeaad91506071454c997dfb3e5457dc852

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 15:00:50 GMT
Via
1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 19 Mar 2021 14:46:06 GMT
Server
AmazonS3
Age
162069
ETag
"382d71728074ff111b417da90d14da00"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
17112
X-Amz-Cf-Id
sEJQyiQtiRlWTlgFrQ5LD7TlAace-24pLAb-km_JxnondMu__Vvw4Q==
Expires
Sat, 19 Mar 2022 14:46:05 GMT
6330289_300.jpg
img2.zergnet.com/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img2.zergnet.com/6330289_300.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.129 , United States, ASN (),
Reverse DNS
server-13-226-159-129.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2279a6421f69524628c6605d5fea106d9fef83696e51d61b21030c26bff1c9e

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Mar 2021 17:20:08 GMT
Via
1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 09 Mar 2021 17:15:44 GMT
Server
AmazonS3
Age
1017712
ETag
"424740d67489dd0642709cd242b2a13a"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
19272
X-Amz-Cf-Id
59_aGL0G9UpZRXkto4_or93O2xDRrJtOyyy9oJ6GbtOIyHyYgiJ_rQ==
Expires
Wed, 09 Mar 2022 17:15:43 GMT
6331495_300.jpg
img4.zergnet.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img4.zergnet.com/6331495_300.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.18 , United States, ASN (),
Reverse DNS
server-13-226-159-18.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3adaad0981dceafd37b9858e50210b6f67fa747e9fddcd62d67ed427a3574de

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Mar 2021 21:10:47 GMT
Via
1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 09 Mar 2021 20:56:26 GMT
Server
AmazonS3
Age
1003879
ETag
"ecd0d18d41944f36179703334eb52f21"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=290304000, public
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
10092
X-Amz-Cf-Id
Dddnqx6ysUn2Iy4KqmKAitM_eKZVDepe1rHFCAEo_hvdb-Y3ATFccA==
Expires
Wed, 09 Mar 2022 20:56:25 GMT
truncated
/ 		203 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2f63edf41c2dd793b54f1a0c1c35bc5ea6da64b77c7fe9e322151489a5a7a98

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
/
trends.newsmaxwidget.com/api/demand/ 		52 B
268 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/api/demand/?w=167087&wlw=newsmaxwidget.com
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.239.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-239-84.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:01:58 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.newsmaxwidget.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/sync
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.239.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-239-84.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:01:58 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
pubads_impl_2021031601.js
securepubads.g.doubleclick.net/gpt/ 		285 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 08:39:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102421
x-xss-protection
0
expires
Sun, 21 Mar 2021 12:01:58 GMT
clarity.js
www.clarity.ms/cus/s/0.6.10/ 		45 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/cus/s/0.6.10/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/3x2bgk7ht2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::19 , United States, ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
601ecef6383d02e04903fdf3dd7cfdd968fb09973e39f74b583eb7b9773e8f0e

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
br
etag
"1d71cfd9d2da6e0"
last-modified
Fri, 19 Mar 2021 20:22:42 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=86400
x-azure-ref
0tjVXYAAAAAAeY/Zj4xltRaiUyIfZjIDaRlJBRURHRTEwMTgANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges
bytes
request-context
appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=7657B3D6D7854B9A80E47EE26F7A4250&RedC=c.clarity.ms&MXFR=323953F848556EE8175C43F94C5560BE
  • https://c.clarity.ms/c.gif?CtsSyncId=7657B3D6D7854B9A80E47EE26F7A4250&MUID=24B64136B3D360652FE15137B2B86119
42 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=7657B3D6D7854B9A80E47EE26F7A4250&MUID=24B64136B3D360652FE15137B2B86119
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:01:57 GMT
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"506f5bd17ad71:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:01:58 GMT
x-msedge-ref
Ref A: F868AECD5D364E6B9AB3B003B782B709 Ref B: FRAEDGE1411 Ref C: 2021-03-21T12:01:58Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=7657B3D6D7854B9A80E47EE26F7A4250&MUID=24B64136B3D360652FE15137B2B86119
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
settings
syndication.twitter.com/ Frame AD9F 		183 B
411 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=7c6218fd1e1c5b5ed0e285ab0ddebd395ffbaa8d
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.0edc1ef9f8b82d9b79c6115bda79f63f.html?origin=https%3A%2F%2Fcrooksandliars.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.8 , United States, ASN (),
Reverse DNS
Software
tsa_f /
Resource Hash
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
108
date
Sun, 21 Mar 2021 12:01:59 GMT
content-encoding
gzip
last-modified
Sun, 21 Mar 2021 12:01:59 GMT
server
tsa_f
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
37ee63a09b1abfae946febc5e2064296
strict-transport-security
max-age=631138519
content-length
152
generic
trends.newsmaxwidget.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/event/generic
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.239.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-239-84.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:01:59 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
/
trends.newsmaxwidget.com/api/delivery/ 		29 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/api/delivery/?w=167087&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fcrooksandliars.com%2F&icr_url=&va=1&time=1616328118661&up=pc&bn=chrome&bv=89&widget_width=300
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.239.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-239-84.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
a6d01915adc7ca4afb99537d62f00e7fe7ac24a4af07d4f7ad5630e6cfcdf962
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
11501
latest.css
blueamerica.crooksandliars.com//widgets/latest/ Frame EF3F 		1019 B
860 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blueamerica.crooksandliars.com//widgets/latest/latest.css
Requested by
Host: blueamerica.crooksandliars.com
URL: https://blueamerica.crooksandliars.com//widgets/latest/?num=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
11389f87b6ac19653ac923a2a6deb163b41f1d703f16e1b8fc329b50f537eb61

Request headers

Referer
https://blueamerica.crooksandliars.com//widgets/latest/?num=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Feb 2019 21:48:40 GMT
Server
nginx
ETag
"3fb-582e72302de00-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
500
Expires
Mon, 21 Mar 2022 12:01:58 GMT
ba_text.png
blueamerica.crooksandliars.com//widgets/latest/assets/ Frame EF3F 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blueamerica.crooksandliars.com//widgets/latest/assets/ba_text.png
Requested by
Host: blueamerica.crooksandliars.com
URL: https://blueamerica.crooksandliars.com//widgets/latest/?num=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
7ab5c170c1ba95ba833132b1e178a71f37e24332cc06cfde528679ad9fc93d4f

Request headers

Referer
https://blueamerica.crooksandliars.com//widgets/latest/?num=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:59 GMT
Last-Modified
Wed, 27 Feb 2019 21:48:40 GMT
Server
nginx
ETag
"2243-582e72302de00"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8771
Expires
Mon, 21 Mar 2022 12:01:59 GMT
ba-blank-150x150.jpg
blueamerica.crooksandliars.com/wp-content/uploads/2018/09/ Frame EF3F 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blueamerica.crooksandliars.com/wp-content/uploads/2018/09/ba-blank-150x150.jpg
Requested by
Host: blueamerica.crooksandliars.com
URL: https://blueamerica.crooksandliars.com//widgets/latest/?num=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
8363f4dcb892da78482b91a16f71f9b863a7fb3e406427662eecbc2e76d086c4

Request headers

Referer
https://blueamerica.crooksandliars.com//widgets/latest/?num=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:59 GMT
Last-Modified
Mon, 03 Sep 2018 22:00:08 GMT
Server
nginx
ETag
"1e10-574feaa1b8a00"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7696
Expires
Mon, 21 Mar 2022 12:01:59 GMT
EricaSmithPurpleSwirl-150x150.jpg
blueamerica.crooksandliars.com/wp-content/uploads/2021/03/ Frame EF3F 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blueamerica.crooksandliars.com/wp-content/uploads/2021/03/EricaSmithPurpleSwirl-150x150.jpg
Requested by
Host: blueamerica.crooksandliars.com
URL: https://blueamerica.crooksandliars.com//widgets/latest/?num=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
0c526bee37bf8a96108c109c860b5c5023377163313de3890cbd2ccf50990f34

Request headers

Referer
https://blueamerica.crooksandliars.com//widgets/latest/?num=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:59 GMT
Last-Modified
Sun, 07 Mar 2021 19:45:51 GMT
Server
nginx
ETag
"10c7-5bcf790920925"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4295
Expires
Mon, 21 Mar 2022 12:01:59 GMT
AlexandraHunt-150x150.jpeg
blueamerica.crooksandliars.com/wp-content/uploads/2021/03/ Frame EF3F 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blueamerica.crooksandliars.com/wp-content/uploads/2021/03/AlexandraHunt-150x150.jpeg
Requested by
Host: blueamerica.crooksandliars.com
URL: https://blueamerica.crooksandliars.com//widgets/latest/?num=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
859ca7429f8beead0569dbabc9bbcf30dc37a4a0276e68ef1e8638501f636086

Request headers

Referer
https://blueamerica.crooksandliars.com//widgets/latest/?num=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:59 GMT
Last-Modified
Wed, 03 Mar 2021 17:11:09 GMT
Server
nginx
ETag
"196b-5bca4efe9bb34"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6507
Expires
Mon, 21 Mar 2022 12:01:59 GMT
Screen-Shot-2021-02-21-at-6.57.11-AM-150x150.png
blueamerica.crooksandliars.com/wp-content/uploads/2021/02/ Frame EF3F 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blueamerica.crooksandliars.com/wp-content/uploads/2021/02/Screen-Shot-2021-02-21-at-6.57.11-AM-150x150.png
Requested by
Host: blueamerica.crooksandliars.com
URL: https://blueamerica.crooksandliars.com//widgets/latest/?num=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
3d52a1481cc0df7232efc072d18aa863f979b6ce1f101ef923d6a750eb60763e

Request headers

Referer
https://blueamerica.crooksandliars.com//widgets/latest/?num=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:59 GMT
Last-Modified
Sun, 21 Feb 2021 16:11:03 GMT
Server
nginx
ETag
"501d-5bbdaee97c694"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20509
Expires
Mon, 21 Mar 2022 12:01:59 GMT
main.js
blueamerica.crooksandliars.com//widgets/latest/ Frame EF3F 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blueamerica.crooksandliars.com//widgets/latest/main.js
Requested by
Host: blueamerica.crooksandliars.com
URL: https://blueamerica.crooksandliars.com//widgets/latest/?num=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.238.37.130 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
sam.crooksandliars.com
Software
nginx /
Resource Hash
b636e945e7a51dfdac0a86a3329e1369f03597b4e5d7b0218c3b6710ee918e92

Request headers

Referer
https://blueamerica.crooksandliars.com//widgets/latest/?num=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Feb 2019 21:48:40 GMT
Server
nginx
ETag
"3591-582e72302de00-gzip"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5031
Expires
Mon, 21 Mar 2022 12:01:58 GMT
sr
capi.connatix.com/tr/ Frame A4A2 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/sr?v=108993
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 21 Mar 2021 12:02:00 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://crooksandliars.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
ee268718-631a-42e2-9d24-7e92d626320e.bin
vid.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ Frame A4A2 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ee268718-631a-42e2-9d24-7e92d626320e.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
02f77c0a6d24815b92b531ae261cfbc0f39e63f8795fd3e21809a3a224200b8d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
via
1.1 varnish, 1.1 varnish
age
13196
x-cache
HIT, HIT
content-encoding
gzip
content-length
775
x-served-by
cache-mdw17351-MDW, cache-cdg20765-CDG
last-modified
Sun, 21 Mar 2021 08:18:15 GMT
x-timer
S1616328119.739855,VS0,VE0
etag
"15d82aa95a23ebcf624b9a8f7241e3c5"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 1
1.png
img.connatix.com/d60f5cfc-7f17-427b-8453-12b256768837/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/d60f5cfc-7f17-427b-8453-12b256768837/1.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ba1ab31c0baa328a01132704ed3c7f669e8e92485a64517ae1b0cc3ecb67029e

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
br
age
157658
x-cache
HIT, HIT, HIT
fastly-io-info
ifsz=12625 idim=108x87 ifmt=png ofsz=11693 odim=108x87 ofmt=png
fastly-stats
io=1
content-length
11679
x-served-by
cache-dca17767-DCA, cache-mdw17320-MDW, cache-cdg20741-CDG
access-control-allow-origin
*
x-timer
S1616328119.699192,VS0,VE1
etag
"6RuZS0nK8heEMrc/ff4Z1iAw8+otXxH/g5bcQ2H81vs"
content-type
image/png
via
1.1 varnish, 1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 1, 1
Bywktt
ad.doubleclick.net/ddm/adj/Amjc/ 		11 B
350 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/Amjc/Bywktt
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN (),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe
sync.teads.tv/ Frame 0DF2 		153 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=30901&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=faf879aa-25b1-4b69-a6ff-2433732ced77&vid=a6629ca970293d075507061dccc72c047e77af28&1616328118717
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.9 /
Resource Hash
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/iframe?pid=30901&gdprIab={%22reason%22:220,%22status%22:22,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-web&auctid=faf879aa-25b1-4b69-a6ff-2433732ced77&vid=a6629ca970293d075507061dccc72c047e77af28&1616328118717
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://crooksandliars.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

content-type
text/html; charset=UTF-8
server
akka-http/10.1.9
content-length
153
expires
Sun, 21 Mar 2021 12:01:58 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Sun, 21 Mar 2021 12:01:58 GMT
set-cookie
tt_bluekai=; Expires=Sat, 20 Mar 2021 11:01:58 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Sat, 20 Mar 2021 11:01:58 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Sat, 20 Mar 2021 11:01:58 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Sat, 20 Mar 2021 11:01:58 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Sat, 20 Mar 2021 11:01:58 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Sat, 20 Mar 2021 11:01:58 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Sat, 20 Mar 2021 11:01:58 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Sat, 20 Mar 2021 11:01:58 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Sat, 20 Mar 2021 11:01:58 GMT; Max-Age=0; Domain=.teads.tv; Path=/; Secure; SameSite=None
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=adCall&pid=30901&pageId=101830&auctid=faf879aa-25b1-4b69-a6ff-2433732ced77&vid=a6629ca970293d075507061dccc72c047e77af28&cts=1616328118599&env=js-web&gdpr_apply=true&gdpr_status=22&gdpr_reason=220&ca=false&bsg=unsafe&bsias=unsafe&rpm_reason=2&fv=690&ts=1616328118719&referer=https%3A%2F%2Fcrooksandliars.com%2F
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.56 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a104-76-201-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=faf879aa-25b1-4b69-a6ff-2433732ced77&pageId=101830&pid=30901&slot=corner&vid=a6629ca970293d075507061dccc72c047e77af28&fv=690&ts=1616328118720&f=1&referer=https%3A%2F%2Fcrooksandliars.com%2F
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.201.56 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a104-76-201-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
ao
capi.connatix.com/tr/ Frame A4A2 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ao?v=108993
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 21 Mar 2021 12:02:00 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://crooksandliars.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
ps
capi.connatix.com/tr/ Frame A4A2 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/ps?v=108993
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 21 Mar 2021 12:02:00 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://crooksandliars.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
mq
capi.connatix.com/tr/ Frame A4A2 		0
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/mq?v=108993
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 21 Mar 2021 12:02:00 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://crooksandliars.com
transfer-encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
g
capi.connatix.com/rtb/ Frame A4A2 		347 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=108993
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e78ac25678dc30c6fb628abb8225effa4ba2f7ec7e94350992ff5ef76870bc22

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 21 Mar 2021 12:02:00 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://crooksandliars.com
transfer-encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
4b0496bf-af8f-4d23-947e-10a7166e1d63.jpg
img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		17 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/4b0496bf-af8f-4d23-947e-10a7166e1d63.jpg?crop=373:281,smart&width=373&height=281&format=jpeg&quality=60&fit=crop
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7750c66177119690f634629785f32d4b7d242dd57913c0ba0e2c2c6b3b7079b

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
br
age
13379
x-cache
HIT, HIT
fastly-io-info
ifsz=65352 idim=1200x674 ifmt=jpeg ofsz=16977 odim=373x281 ofmt=jpeg
fastly-stats
io=1
content-length
16603
x-served-by
cache-mdw17354-MDW, cache-cdg20741-CDG
access-control-allow-origin
*
x-timer
S1616328119.825888,VS0,VE1
etag
"bYbKTiZ8QTGoYO9puaE+PZk23/fu4W/g4SG+PTNM3p4"
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
2, 1
container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 729A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-23/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://crooksandliars.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1479
date
Thu, 18 Mar 2021 06:52:51 GMT
expires
Fri, 18 Mar 2022 06:52:51 GMT
last-modified
Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
277747
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4b0496bf-af8f-4d23-947e-10a7166e1d63.jpg
img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/4b0496bf-af8f-4d23-947e-10a7166e1d63.jpg?crop=373:210,smart&width=373&height=210&format=jpeg&quality=60&fit=crop
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
47c7d192fb17655dcaade4cb628c09cbcdd270eb8807c4bb061c31c6fa416df7

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
br
age
13380
x-cache
HIT, HIT
fastly-io-info
ifsz=65352 idim=1200x674 ifmt=jpeg ofsz=14689 odim=373x210 ofmt=jpeg
fastly-stats
io=1
content-length
14317
x-served-by
cache-mdw17335-MDW, cache-cdg20741-CDG
access-control-allow-origin
*
x-timer
S1616328119.887939,VS0,VE1
etag
"s+tSua+8xYWgVzDKGJZr7Znim34GjwznVDmvCnhvvVI"
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 1
157c19bc-7f64-46a4-bab0-855ff70ff089.jpg
img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/157c19bc-7f64-46a4-bab0-855ff70ff089.jpg?crop=373:210,smart&width=373&height=210&format=jpeg&quality=60&fit=crop
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d931343dc7d4a27df4fe1c9ef3cd84d9c0feb61a978b00fb52c7eea6f7c2d30d

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
br
age
13380
x-cache
HIT, HIT
fastly-io-info
ifsz=557264 idim=987x651 ifmt=jpeg ofsz=12115 odim=373x210 ofmt=jpeg
fastly-stats
io=1
content-length
11719
x-served-by
cache-mdw17365-MDW, cache-cdg20741-CDG
access-control-allow-origin
*
x-timer
S1616328119.888827,VS0,VE1
etag
"Za+ToalI7MJdYMokYSwNcLrhTnesNhOUXuAH9e6LsBw"
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
2, 1
37efa81e-76de-494b-9dcf-e352c2a0f4c0.jpg
img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/37efa81e-76de-494b-9dcf-e352c2a0f4c0.jpg?crop=373:210,smart&width=373&height=210&format=jpeg&quality=60&fit=crop
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e85c814bb0d1f6b50829fb1cf2d8a0ea443d65ad2e09c94a2b6afea97dbe0301

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
br
age
13380
x-cache
HIT, HIT
fastly-io-info
ifsz=38157 idim=425x318 ifmt=jpeg ofsz=13077 odim=373x210 ofmt=jpeg
fastly-stats
io=1
content-length
12680
x-served-by
cache-mdw17363-MDW, cache-cdg20741-CDG
access-control-allow-origin
*
x-timer
S1616328119.893842,VS0,VE1
etag
"cPW3NPNPzpL3oAD8+bIXTi7AFF+qH2JjHlTnYI89/2o"
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
2, 1
1175d3d2-723b-4923-812b-60c977d6fb38.jpg
img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/1175d3d2-723b-4923-812b-60c977d6fb38.jpg?crop=373:210,smart&width=373&height=210&format=jpeg&quality=60&fit=crop
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9538f4e06a909fd490228a56f9704dc2b3381416ccff7c9aa169b6ff7fc54c15

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
br
age
13380
x-cache
HIT, HIT
fastly-io-info
ifsz=58330 idim=1200x674 ifmt=jpeg ofsz=12394 odim=373x210 ofmt=jpeg
fastly-stats
io=1
content-length
11962
x-served-by
cache-mdw17332-MDW, cache-cdg20741-CDG
access-control-allow-origin
*
x-timer
S1616328119.893829,VS0,VE1
etag
"LIpGLrZ4ezEmxNCwJ9t2jWHVKbMgU0d9A9NZJz1bgjk"
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 1
6a38171a-a72b-499d-b53b-3c0783e096b4.jpg
img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		15 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/6a38171a-a72b-499d-b53b-3c0783e096b4.jpg?crop=373:210,smart&width=373&height=210&format=jpeg&quality=60&fit=crop
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8a560c952162309d8a119c1667ac9efb91dceca2d216338aaf62c67784b2b972

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:58 GMT
content-encoding
br
age
13380
x-cache
HIT, HIT
fastly-io-info
ifsz=159112 idim=1000x564 ifmt=jpeg ofsz=14990 odim=373x210 ofmt=jpeg
fastly-stats
io=1
content-length
14624
x-served-by
cache-mdw17340-MDW, cache-cdg20741-CDG
access-control-allow-origin
*
x-timer
S1616328119.893820,VS0,VE1
etag
"7j0IIOEf1zdwgGYrOR1hjpBiJ8inSrbwhzYAstiNnFc"
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 1
script.js
d1bvk193qme2fc.cloudfront.net/ 		111 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1bvk193qme2fc.cloudfront.net/script.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:e200:19:f03c:7200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
52f92343631b055fb6a93a956f73ed600f825d9cf50ad8705c25395b6da72fbf

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 11:54:56 GMT
content-encoding
gzip
last-modified
Sun, 21 Mar 2021 04:08:22 GMT
server
AmazonS3
age
425
etag
W/"71666420e6163466d909124aff0ac939"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
sZNOAbjXP8GLoabfEx7GWuQDhQM_8apu5G1Cz-Gf1DkpnI1Xx7FzRw==
impression
trends.newsmaxwidget.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/event/impression
Requested by
Host: assets.newsmaxwidget.com
URL: https://assets.newsmaxwidget.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.239.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-239-84.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:01:59 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
the-pun-cr.js
cdn.avantisvideo.com/js/ 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.56 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-56.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
10e0e8557bd1d3ed1b1bbfedb57421ac0527cdc4e926f7f07188330848fd626f

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
asFPhnxutn2H54LNIG86R683FzFr_XRy
Content-Encoding
gzip
Last-Modified
Mon, 15 Mar 2021 07:54:32 GMT
Server
AmazonS3
x-amz-request-id
TDH998F2ZN44D496
ETag
"9a75ea1a51eaa7e52a92175fc3143c8d"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Origin-Protocol
HTTP
Date
Sun, 21 Mar 2021 12:01:59 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
35940
x-amz-id-2
5du7UwEqQspQlCLsaJSCBepqHM25ri/Ifpg1lCstTfmAmaC2hKIapL0rHHwQMcfjrjIc/M0SXY4=
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Sun, 21 Mar 2021 12:01:59 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Mar 2021 12:01:59 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
desktop
avm.avantisvideo.com/api/v1/tag/419955f2-1ca2-4dd8-a68e-332882485bbd/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/419955f2-1ca2-4dd8-a68e-332882485bbd/3/desktop
Protocol
H2
Server
44.237.126.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-126-120.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 21 Mar 2021 12:01:59 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
/
events.avantisvideo.com/ 		2 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 21 Mar 2021 12:01:59 GMT
content-length
2
content-type
text/plain
desktop
avm.avantisvideo.com/api/v1/tag/419955f2-1ca2-4dd8-a68e-332882485bbd/3/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/419955f2-1ca2-4dd8-a68e-332882485bbd/3/desktop
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.126.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-126-120.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e2c8e0d147d1f20477590821dcc2991b158b0ee8e27684e942f851f5a05b2c0d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Origin
content-length
1107
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Sun, 21 Mar 2021 12:01:59 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
15778087371480659315.jpg
images.newsmaxwidget.com/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/15778087371480659315.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
c56e46c9c8ed096f208a34b0ac5699c978f59dd3272aff1c155d41c5615f6ead
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:59 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="15778087371480659315.webp"
server-timing
fastly;dur=1;cpu=0;start=2021-01-27T04:58:30.515Z;desc=hit,rtt;dur=0
content-length
17974
last-modified
Mon, 12 Oct 2020 18:21:31 GMT
server
Cloudinary
etag
"b7f9f5bf10611b549229bcd3489d1916"
vary
Accept
x-hw
1616328119.cds028.pa1.hn,1616328119.cds006.pa1.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
26b5fe43c99967c1ac0442eabac4ed88.png
images.newsmaxwidget.com/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/26b5fe43c99967c1ac0442eabac4ed88.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
95953fc08807345d363b9c6f2f2e8ee046c4a3204282eea7b7c9e3d5b150207e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:59 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="26b5fe43c99967c1ac0442eabac4ed88.webp"
server-timing
fastly;dur=96;cpu=0;start=2021-03-08T15:16:54.945Z;desc=hit,rtt;dur=0
content-length
4314
last-modified
Mon, 22 Feb 2021 21:21:07 GMT
server
Cloudinary
etag
"fb1d8c911af317d3ec2636703b53a205"
vary
Accept
x-hw
1616328119.cds028.pa1.hn,1616328119.cds039.pa1.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
5f31b6ec7e0f37-27023307.jpg
images.newsmaxwidget.com/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/5f31b6ec7e0f37-27023307.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
38f4cafad6d235a057eb945e6f6e0cc55bb1a34eb0a3c77acc216df43db1221d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:59 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="5f31b6ec7e0f37-27023307.webp"
server-timing
fastly;dur=126;cpu=0;start=2021-03-08T15:09:34.812Z;desc=miss,rtt;dur=0,cloudinary;dur=46;start=2021-03-08T15:09:34.851Z
content-length
8054
last-modified
Mon, 01 Mar 2021 21:35:01 GMT
server
Cloudinary
etag
"28b8567a2130173955993ca4a1c26751"
vary
Accept
x-hw
1616328119.cds028.pa1.hn,1616328119.cds226.pa1.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
f26909eb4dabfe6697efebdbcfb90354.jpeg
images.newsmaxwidget.com/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/f26909eb4dabfe6697efebdbcfb90354.jpeg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
20a8d1ff19828fabaa37c29d7ea131752f7a1b2d691a4eda578427df7af10456
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:59 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="f26909eb4dabfe6697efebdbcfb90354.webp"
server-timing
fastly;dur=1;cpu=0;start=2021-03-08T16:12:35.373Z;desc=hit,rtt;dur=0
content-length
4956
last-modified
Tue, 05 Jan 2021 17:48:04 GMT
server
Cloudinary
etag
"3dab42f84bea43cc0f9ecb60f217bb2e"
vary
Accept
x-hw
1616328119.cds028.pa1.hn,1616328119.cds215.pa1.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
7b1aeb9c77947690764383b5af35a252.jpg
images.newsmaxwidget.com/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/7b1aeb9c77947690764383b5af35a252.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
eb9bedad7a0456401637c4005695128dbecdef19980314998678a7f2551bc3c8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:59 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="7b1aeb9c77947690764383b5af35a252.webp"
server-timing
fastly;dur=3;cpu=1;start=2021-03-08T19:19:56.447Z;desc=hit,rtt;dur=0
content-length
15986
last-modified
Mon, 08 Mar 2021 15:11:14 GMT
server
Cloudinary
etag
"49e995a4c01d648ab54e5b6be8cc1738"
vary
Accept
x-hw
1616328119.cds028.pa1.hn,1616328119.cds013.pa1.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
6048d94dbc0fd4-96111796.jpg
images.newsmaxwidget.com/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/6048d94dbc0fd4-96111796.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
5fae6c2098dea78ab9a98fe7a91f64b6c7a848d9c2fa8c996847263f0f230c26
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:59 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="6048d94dbc0fd4-96111796.webp"
server-timing
fastly;dur=164;cpu=1;start=2021-03-11T19:09:38.083Z;desc=miss,rtt;dur=0,cloudinary;dur=82;start=2021-03-11T19:09:38.126Z
content-length
12730
last-modified
Thu, 11 Mar 2021 18:51:48 GMT
server
Cloudinary
etag
"4067e24a2a3b4f41afafd23498a1e789"
vary
Accept
x-hw
1616328119.cds028.pa1.hn,1616328119.cds016.pa1.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
4ae0db72646053815495bac48f744331.png
images.newsmaxwidget.com/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/4ae0db72646053815495bac48f744331.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
890d57381ef87ad79a04ad9569e462d413fb751e348912caa1a2b8c8517483dc
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:59 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="4ae0db72646053815495bac48f744331.webp"
server-timing
fastly;dur=2;cpu=0;start=2021-03-11T18:33:50.892Z;desc=hit,rtt;dur=0
content-length
14190
last-modified
Mon, 08 Mar 2021 21:57:42 GMT
server
Cloudinary
etag
"8cf630c989183fca5854896aecb8e635"
vary
Accept
x-hw
1616328119.cds028.pa1.hn,1616328119.cds034.pa1.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
602205f952a8d7-51720096.jpg
images.newsmaxwidget.com/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsmaxwidget.com/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.newsmaxwidget.com/content/images/602205f952a8d7-51720096.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
0d415b8bfc829cb9207cab9fb79ec1614a5c66de12fd42b6446451232eeaa502
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:59 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="602205f952a8d7-51720096.webp"
server-timing
fastly;dur=1;start=2021-03-11T11:15:27.782Z;desc=hit,rtt;dur=0
content-length
6146
last-modified
Tue, 09 Feb 2021 17:53:13 GMT
server
Cloudinary
etag
"5c24e31a27eb74531589ec1dcff15646"
vary
Accept
x-hw
1616328119.cds028.pa1.hn,1616328119.cds002.pa1.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
s2s
eb.proper.io/ 		267 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s?proper_uid=5de6f23d-669f-4715-a50e-5caa1cd76c5e
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d562b4aacc6f64a531d02f87ae4df37761081d0a3bba7997e2cca42835a61b1c

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:01:59 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://crooksandliars.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
63370759fc2905f9-FRA
cf-request-id
08f642ec3f000005f97d0b8000000001
expires
-1
1.the-pun-cr.js
cdn.avantisvideo.com/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/1.the-pun-cr.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.56 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-56.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9e29ebe2abf5f68a963f7d37876bbdc6ce939730f3f63dee01bab95638ca467f

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
i53SUL2G6oiYFHrXzyM7CEWpI8Yz70G8
Content-Encoding
gzip
Last-Modified
Mon, 15 Mar 2021 07:54:32 GMT
Server
AmazonS3
x-amz-request-id
9X69R0A57AHM49V5
ETag
"f8a2e78da98f7bd83a2f78559d776f10"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Origin-Protocol
HTTP
Date
Sun, 21 Mar 2021 12:01:59 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
4316
x-amz-id-2
XatEltVr4tybgZi25wLOE16EoEcwQuPstoEcwp3Thwp0x4A3wIsBWkASk9J74yEfpUmIq9H1BSs=
0.the-pun-cr.js
cdn.avantisvideo.com/js/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/0.the-pun-cr.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.56 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-56.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fb97fdccdbd34bf2627d60ac1ed2f27fed39aea2cb41a6b73c95e24d7c86f94e

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
bmagte3AhPmpZOFchIkKbqV1EhpTWpbT
Content-Encoding
gzip
Last-Modified
Mon, 15 Mar 2021 07:54:32 GMT
Server
AmazonS3
x-amz-request-id
9X66P0W5H24Y7MRX
ETag
"869224dd9320d66444e680046257fa16"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Origin-Protocol
HTTP
Date
Sun, 21 Mar 2021 12:01:59 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
9010
x-amz-id-2
8nvzl1Ga5FcjePKvD2mnEXvTQ3urLubemSAO5lXrLJY7HQGkkvC0Ig/V3lvUkJVYERn3PjQlKd8=
generic
trends.newsmaxwidget.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/event/generic
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.239.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-239-84.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:01:59 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
generic
trends.newsmaxwidget.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/event/generic
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.239.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-239-84.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:01:59 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
prebid.js
cdn1.avantisvideo.com/js/ 		210 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/js/prebid.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.75 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62b4fc1f9ae93a7af35ccd6ab10e211c36799230b77fbc78066e6b023bda6705

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
23ntLNIB.8bUA5cOTW7zZcZagWauWFLj
Content-Encoding
gzip
Last-Modified
Wed, 12 Aug 2020 08:53:01 GMT
Server
AmazonS3
x-amz-request-id
0A44F400E3D2665A
ETag
"38bf1fd86316dad5aeba17a65fd77155"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
CDN-Origin-Protocol
HTTP
Date
Sun, 21 Mar 2021 12:01:59 GMT
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
X-Forward-Proto
http
x-amz-id-2
ZRL4ulMkQmBjm2CTfL67TyW7EOC/wYADDRfJ7jeZaRvf78A251t0qmouTMIxuYOWrdlo8AaAd/k=
3.the-pun-cr.js
cdn.avantisvideo.com/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/3.the-pun-cr.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.56 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-56.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3931f49f4a0e63b23a12c23aed652699b116d40915e417ac3eb013a08e98c582

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
B9jkKbVoLaEiwkZGDH8XRA8Wmy3qtger
Content-Encoding
gzip
Last-Modified
Mon, 15 Mar 2021 07:54:32 GMT
Server
AmazonS3
x-amz-request-id
1T1W2AQKMVCY1RD7
ETag
"607bd220edc84c24e842b1414582e261"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Origin-Protocol
HTTP
Date
Sun, 21 Mar 2021 12:01:59 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
3154
x-amz-id-2
zGmXA/ixRSYIhnIFHgwYP0E5PxUYkvTsQXrACxdEB1+gicqz+AKGK57CQS288cQB1ngP34t3anY=
event
event.insticator.com/v1/ 		0
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/fe0b59aa-e3f5-45e6-b63b-afd37926378e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.218.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:01:59 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Server
52.0.218.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 21 Mar 2021 12:01:59 GMT
content-length
0
vary
Origin
access-control-max-age
3600
access-control-allow-origin
https://crooksandliars.com
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-credentials
true
panKa7aU.js
cdn.jwplayer.com/libraries/ 		111 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/panKa7aU.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:1000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
7b48f9320b3f5c50c22caa8222f39bc45ee9a93eb79771a2d8d495eabd514486

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:01:55 GMT
content-encoding
gzip
server
openresty
age
4
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
x-amz-cf-pop
DUS51-C1
content-length
37119
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
x-amz-cf-id
QZdF_9k9yJJpY1cNjhJL4iwIfFztuJRnooHpMM6MNTtaXOC9IHgQdg==
expires
Sun, 21 Mar 2021 12:04:25 GMT
83a59926-32a4-4bfb-8307-e2fff3e4d63e
avm.avantisvideo.com/api/v1/channel/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/channel/83a59926-32a4-4bfb-8307-e2fff3e4d63e?hour=13&browser=chrome&os=windows&osv=10.0&domain=crooksandliars.com&url=https%3A%2F%2Fcrooksandliars.com%2F&device=desktop&country=FR&no_cache=false&pub_id=419955f2-1ca2-4dd8-a68e-332882485bbd
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.126.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-126-120.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6b0fecf492100d6d7e5a9c7304568a837f3e045903964c3a3cfd3d579c5e2c38
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Origin
content-length
2283
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Sun, 21 Mar 2021 12:01:59 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
83a59926-32a4-4bfb-8307-e2fff3e4d63e
avm.avantisvideo.com/api/v1/channel/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/channel/83a59926-32a4-4bfb-8307-e2fff3e4d63e?hour=13&browser=chrome&os=windows&osv=10.0&domain=crooksandliars.com&url=https%3A%2F%2Fcrooksandliars.com%2F&device=desktop&country=FR&no_cache=false&pub_id=419955f2-1ca2-4dd8-a68e-332882485bbd
Protocol
H2
Server
44.237.126.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-126-120.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 21 Mar 2021 12:01:59 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
integrator.js
adservice.google.fr/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Mar 2021 12:01:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=crooksandliars.com
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Mar 2021 12:01:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		76 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=380682836778858&correlator=1882511671308456&output=ldjh&impl=fifs&eid=31060473%2C31060010%2C31060367%2C44739387&vrg=2021031601&ptt=17&tfcd=0&sc=1&sfv=1-0-37&ecs=20210321&iu_parts=5376056%2Ccrooksandliars_leaderboard%2Ccrooksandliars_content_1%2Ccrooksandliars_side_1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=1x1%7C728x90%7C970x250%7C970x90%2C1x1%7C300x250%2C1x1%7C160x600%7C300x250%7C300x600&prev_scp=post_id%3Dunknown%26member%3Dno%26split_version%3D4526%26proper_site%3Dcrooksandliars%26proper_slot%3D1%26proper_floor_970x90%3D2.50%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D4526%26proper_site%3Dcrooksandliars%26proper_slot%3D2%26proper_floor_970x90%3D2.50%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0%7Cpost_id%3Dunknown%26member%3Dno%26split_version%3D4526%26proper_site%3Dcrooksandliars%26proper_slot%3D3%26proper_floor_970x90%3D2.50%26proper_floor%3D0.10%26s_depth%3D1%26refresh_count%3D0&eri=1&cust_params=amznbid%3D0%26amznp%3D0&cookie=ID%3D99559003c82aac8b-22bbaa44d6ba008b%3AT%3D1616328118%3ART%3D1616328118%3AS%3DALNI_MbwTzgOBBXCXJF9H_h2GSsFW_SjPg&bc=31&abxe=1&lmt=1616328003&dt=1616328119594&dlt=1616328117267&idt=1484&frm=20&biw=1600&bih=1200&oid=3&adxs=750%2C235%2C1055&adys=0%2C957%2C527&adks=245896284%2C2659965776%2C2483261273&ucis=1%7C2%7C3&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcrooksandliars.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=100x1%7C372x1%7C300x1&msz=100x1%7C372x1%7C300x1&ga_vid=652369582.1616328118&ga_sid=1616328118&ga_hid=1393776533&ga_fc=false&fws=4%2C0%2C0&ohw=100%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
2f2cdf85ccbcabe2777b8136d624ecf41a21a4b8e58e116b2c01c13b938d95c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24840
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://crooksandliars.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
local_storage_frame16.min.html
assets.bounceexchange.com/assets/bounce/ Frame C3F3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

:method
GET
:authority
assets.bounceexchange.com
:scheme
https
:path
/assets/bounce/local_storage_frame16.min.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://crooksandliars.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

x-guploader-uploadid
ABg5-UzXqUAfzCDchmz5UqI7iUbas5nHfwJdJeLACoMFubI-bRxBq1eyviXUF2wAG9ekWNqaO990eVr4YJ1rY6QOaM9DjMBM9Q
date
Mon, 15 Mar 2021 14:49:20 GMT
expires
Tue, 15 Mar 2022 14:49:20 GMT
last-modified
Thu, 11 Mar 2021 16:55:14 GMT
etag
"b13512e0f9ba8e2718001c882a0038e2"
x-goog-generation
1615481713977079
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1055
content-type
text/html; charset=UTF-8
content-encoding
gzip
x-goog-hash
crc32c=QelQ2Q== md5=sTUS4Pm6jicYAByIKgA44g==
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
vary
Accept-Encoding
content-length
1055
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
server
UploadServer
cache-control
public,max-age=31536000
age
508359
alt-svc
clear
init1.js
api.bounceexchange.com/bounce/ 		77 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYiBmAJgA598BOAdkJs2AC8QoBaQgBkwHcApgCMcqYAID6qACZQSPfJgBOAnCAA2cNBgI9uAD3xluvFTAFKVSqNgCG69agQBzCXCXqoAC2DAADjgApCQAgoFkAGLhEUhKICAA1ji2CNKOtko4AHRIIAC20ZgAbqiiwBK5iagCUIF0AELhZOp+TcFhZGQ+-kFkAKyh4X2RQ5Gx8UkpaagZ2bkF-SOd4QDCTUptg8vLdAAi2BPVtQ11+5UJ1RKgIBLqGc41MPY4AphCflC8Av5QANoAupg-MA8Ac8n50shJDA7s4bEUvLYoEA
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.229.34 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
f748e45cbd878fb6cf68aeaec784ffa6a2a2605b061a7445c6fc43d09afe04b2

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:01:59 GMT
content-encoding
gzip
last-modified
Sun, 21 Mar 2021 12:01:59 GMT
server
nginx
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-type
text/javascript;charset=UTF-8
alt-svc
clear
via
1.1 google
expires
0
view
trends.newsmaxwidget.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.newsmaxwidget.com/event/view
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.239.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-239-84.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:01:59 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4DB0 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://crooksandliars.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=60450
Expires
Mon, 22 Mar 2021 04:49:29 GMT
Date
Sun, 21 Mar 2021 12:01:59 GMT
Connection
keep-alive
Vary
Accept-Encoding
visit
events.bouncex.net/track.gif/ 		42 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLoADgBOFkZ1OULGF2o2AGUUADMUJBAneld3VQAyUAgYJAQ65D6kHC7wKGgKPh40U3QEWCRSHDTISFNhalbjGno6Hbp4zIIIsBQ+cMawRnjs-dpRnug+sAJSWEgQAkxdHElVZmYD3Gz1e70+mAAnr8dIDuuN4vBINlgI0QCgbJYwDhKC4lC4ACJAmA3Y4gBDY3E0ah1YCQKnyYx-P5yah5SSSAohKmgXj0uSM1TM1nsgp5dSqaguSRc6jUFAEPnGVjUUKy0imRVUlZrDZbO53Q4EY6nc5opBXG5ZfWymVyjZVfnK1XUYCmYCK6Uqqm8m38730r2ypCam2h53xWkewWqFlsjm2iA+h3GAC0nudaEOHoBtqtvqVtt4ICTDKpcjk9FUUtaeRj9A5eVjcgDztIkfzTJjwvjgeo8RQWVmIDQmHtpcpsukkhcqlFmonLvd+adVLbdI70djIpx+Nt0hZGhc8+0i8VK7V7eTna38YJe+YB-UnPzOJPwCXyfP1DXUaFcc5d69vu1CqPWx7ch+DJfj+G5-tud6Ac6kF+pSCGEvAyBzNg0A2JkQjIDg6SZDkHQYagGDYcAyAQF8ODlDIpTlJUpGIORWAwBYKCQHUBBIFkOAqPwQhSICZFYTAvAIKA8QIJAEKmOSklgBESKmB0CJgEiORINAaQoGANyYFRSCQAgvA4ICGAENANywNgSAQjckk4LQABKHRWTZBB2ZADlOQgcgua5xgeQg1m2fZEKYAO5K0KgmAyaF1l9Gg4I4MYeRJTZUBQgACqiYBZaYBCaSgpD+TgBQsgCWWGR8mDsRVACiACqWUpeC0U5DgACSlgppJKZxWciVZAQzmAgItg9AgxY4B4zCSESc3Xt2oripKS2SdJs3meWlbVmUdYNk2HSzBgoAIAIK0dIgACOsBYDJc2AvE4TsR8OSlYOvybmthSve92AoKYIDGTRmA4JA6ByB020gDJOC8Ld3lIIjU02B04k4GRQA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:01:59 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1NAxqgPbMDWhIAdgCbowhUhAHQNmAW3oAyUJFgJEDZIVwSoggQCN0EQpmIB2AEKGAIjPDQ4SMeziEYALwiZSANgCsU8cx4uADFLwEJoOuBAwPK5u-gCMUrBhkZixbqmkVAAcsbEAnJkALG5UBvF+sAwRUaSkHm6lHqSZbrV5mRntFnLWyfGEEACOyBBclb1SDPwj+DDiurgg4sApaS1ZOfm5XpNwXAvAMFAQQjDMXJgLYKRS5TCVmDxShMxo98GaUpZ7mMrHQA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:01:59 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
sync
ssp.behave.com/
Redirect Chain
  • https://ssp.behave.com/push_sync
  • https://ssp.behave.com/ul_cb/push_sync
  • https://x.bidswitch.net/sync?ssp=bouncex
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=bouncex&ssp_user_id=c3ce442b-1b44-4174-b7a9-6d407f054e0d
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=181398447&expires=5&ssp=bouncex
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=c3ce442b-1b44-4174-b7a9-6d407f054e0d
43 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.behave.com/sync?tp_id=2&tp_uid=c3ce442b-1b44-4174-b7a9-6d407f054e0d
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.8.50.232 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif

Redirect headers

location
//ssp.behave.com/sync?tp_id=2&tp_uid=c3ce442b-1b44-4174-b7a9-6d407f054e0d
date
Sun, 21 Mar 2021 12:02:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cmp
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/cmp?wklz=MYewdgzgpmAuBcsCWBbKBlWBDFAHAvAIwBsJAzAEwAchhAnAOwUCsAZKJDAgBZYQDC4aHHxgQAUgoAGYHlYoQAEyj4prAO5QARhCSwoSRfjLEphVgDcku5EZLlqtOlQAsxCg3PKrwA0bJkzMSezGRUxIH0VJTRrLhYAOZQVlDqhkSs0ACOAK4wvukU7AA2SFzIaBDYeESkEY70dIRFwKVcWLhIFlAATrrg+NgJZKzeSL74ipkgOT0TmlqsiVz4OdA9QA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
getuid
rtb.avantisvideo.com/api/v1/usersync/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/getuid?ssps=3
Protocol
H2
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 21 Mar 2021 12:02:03 GMT
vary
Origin
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 21 Mar 2021 12:02:00 GMT
content-length
2
content-type
text/plain
cygnus
htlb.casalemedia.com/ 		24 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&r=%7B%22id%22%3A%22127db2c0f7dccc%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22297f0557baf18c%22%2C%22ext%22%3A%7B%22siteID%22%3A512884%2C%22sid%22%3A%22375x211%22%7D%2C%22bidfloor%22%3A0.55%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22skippable%22%3Afalse%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22w%22%3A375%2C%22h%22%3A211%2C%22placement%22%3A4%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22name%22%3A%22RawStory%22%2C%22domain%22%3A%22rawstory.com%22%2C%22sid%22%3A%227870%22%2C%22asi%22%3A%22avantisvideo.com%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&nf=1
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
744bd7908cbcc71b35dd9a449fc7023a4d8dd7a3e09f2f9fd94517e4856964f2

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:03 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[FR], RC:[IDF], CN:[EU], CIP:[217.138.207.148], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://crooksandliars.com
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
28
expires
Sun, 21 Mar 2021 12:02:03 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.160.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
292699
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/292699
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 21 Mar 2021 12:02:01 GMT
X-SpotX-Timing-Transform
0.000343
X-spotx-Exception-Message
SpotMarket execution was halted.
Access-Control-Allow-Origin
https://crooksandliars.com
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000578
X-fe
023
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000042
X-SpotX-Timing-Page
0.009309
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000444
Last-Modified
Sun, 21 Mar 2021 12:02:01 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-Mux
0.000302
X-SpotX-Timing-SpotMarket-Primary
0.004463
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
X-spotx-Exception-global_blacklist-Message
The referer 'crooksandliars.com' is blacklisted.
X-SpotX-Timing-Page-Misc
0.003096
X-SpotX-Timing-Page-Exception
0.000023
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000018
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.004463
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN (),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
49a86948f3816fc3471b1bb7bbcef93d16d933b71c112fd2689c760003add41b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:00 GMT
X-Proxy-Origin
217.138.207.148; 217.138.207.148; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.108:80
AN-X-Request-Uuid
427ac058-d947-4995-9c1a-927144af0052
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=20615038&referrer=https%3A%2F%2Fcrooksandliars.com%2F&us_privacy=1---&imp_id=7c4216ef-d35a-4954-b30a-2c70c3efaf71&cb=1616328119970
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN (),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:00 GMT
X-Proxy-Origin
217.138.207.148; 217.138.207.148; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.75:80
AN-X-Request-Uuid
f3ad8b77-3533-4403-9a55-0ef9092c8bf2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
rtb.avantisvideo.com/api/v1/usersync/ 		57 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/getuid?ssps=3
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
aff21e44b272dbfedfdf6135ab0d357e2a8fe13ba94c6bba2205d75eb890dcf3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Mar 2021 12:02:04 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-download-options
noopen
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
content-length
57
x-xss-protection
1; mode=block
showad.js
ads.pubmatic.com/AdServer/js/ Frame D69D 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=55141
Expires
Mon, 22 Mar 2021 03:21:01 GMT
Date
Sun, 21 Mar 2021 12:02:00 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame D69D 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=23283636&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
927d8ab13bff99294f645415cb2d0ac64b228e681579948a88fc3fdaec5d8b25

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:01:58 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
pubmatic
d5p.de17a.com/getuid/ Frame D055 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=23283636&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.182 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 0BE1 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=23283636&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sun, 21 Mar 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1072
x-powered-by
ASP.NET
date
Sun, 21 Mar 2021 12:02:00 GMT
content-length
43
redir
rtb-csync.smartadserver.com/ Frame 7E77
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFaU4wN0FybXNBQUJCQW1kR3g5UQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=23283636&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 21 Mar 2021 12:02:03 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Sun, 21 Mar 2021 12:02:03 GMT
location
https://rtb-csync.smartadserver.com/redir
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 0977
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6942076479455230101
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6942076479455230101
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=23283636&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 21 Mar 2021 12:02:15 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6942076479455230101; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Apr-2021 12:02:15 GMT; path=/ PugT=1616328135; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Apr-2021 12:02:15 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 12:02:15 GMT; path=/
X-lat
lhrpug010:0:273
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sun, 21 Mar 2021 12:02:15 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6942076479455230101; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6942076479455230101
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 9484
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=bTfb4Xlw43QOm26Fr7DOWghy
42 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=bTfb4Xlw43QOm26Fr7DOWghy
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=23283636&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_1101=23040-6942076479455230101; PugT=1616328135; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 21 Mar 2021 12:02:15 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-bTfb4Xlw43QOm26Fr7DOWghy&KRTB&23212-bTfb4Xlw43QOm26Fr7DOWghy; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Apr-2021 12:02:15 GMT; path=/ PugT=1616328135; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Apr-2021 12:02:15 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 12:02:15 GMT; path=/
X-lat
lhrpug017:0:561
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sun, 21 Mar 2021 12:02:15 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=bTfb4Xlw43QOm26Fr7DOWghy; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=bTfb4Xlw43QOm26Fr7DOWghy
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame DC97 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=23283636&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Sun, 21 Mar 2021 12:02:15 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-2
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 5ABC
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=23283636&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aQnoeUo0P8uCmTNa4gwNhXQpjsSFm5vFSZbkE6svi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=d99f6c5326dbb8e355ae4042824f14d001616328120; expires=Tue, 20-Apr-21 12:02:00 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=a9nseFs2aF9pAJsbYL7Flm7crdpPD40Ck3ndyXjdZcwZatFr4UaqZaq4sMZc9LhlZbmUpHZarouHP3py5nZbtBxGxrM; path=/; domain=.tribalfusion.com; expires=Sat, 19-Jun-2021 12:02:00 GMT; SameSite=None; Secure; ANON_ID_old=a9nseFs2aF9pAJsbYL7Flm7crdpPD40Ck3ndyXjdZcwZatFr4UaqZaq4sMZc9LhlZbmUpHZarouHP3py5nZbtBxGxrM; path=/; domain=.tribalfusion.com; expires=Sat, 19-Jun-2021 12:02:00 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
08f642f06b00000746561ee000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63370760aaff0746-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Sun, 21 Mar 2021 12:02:00 GMT
content-type
text/html
set-cookie
__cfduid=d99f6c5326dbb8e355ae4042824f14d001616328120; expires=Tue, 20-Apr-21 12:02:00 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aQnoeUo0P8uCmTNa4gwNhXQpjsSFm5vFSZbkE6svi; path=/; domain=.tribalfusion.com; expires=Sat, 19-Jun-2021 12:02:00 GMT; SameSite=None; Secure; ANON_ID_old=aQnoeUo0P8uCmTNa4gwNhXQpjsSFm5vFSZbkE6svi; path=/; domain=.tribalfusion.com; expires=Sat, 19-Jun-2021 12:02:00 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
1955
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
08f642efb400000746923d3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6337075f890b0746-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
dpe
ad4m.at/ad/ Frame D721 		42 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=23283636&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c02a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
content-type
image/gif
content-length
42
set-cookie
__cfduid=d141b49024490e798ff02a346e647862e1616328120; expires=Tue, 20-Apr-21 12:02:00 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-k4vv
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
08f642efb600004e5b3ebfa000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6337075f8b9a4e5b-FRA
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 1812
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Dsv3KQzQNlpw&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Dsv3KQzQNlpw&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=23283636&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A; KRTBCOOKIE_57=22776-2417220075358525530; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEPCi-xcEQ6Bi0xiaXSDG9uE&KRTB&22987-CAESEPCi-xcEQ6Bi0xiaXSDG9uE&KRTB&23025-CAESEPCi-xcEQ6Bi0xiaXSDG9uE; KRTBCOOKIE_153=1923-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4&KRTB&19420-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4&KRTB&22979-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4; KRTBCOOKIE_107=1471-uid:acwKyzfL1LnWMp5; KRTBCOOKIE_22=14911-4154356464347799715; KRTBCOOKIE_27=16735-uid:99d46057-35b9-4200-a11f-847c226f05f9&KRTB&16736-uid:99d46057-35b9-4200-a11f-847c226f05f9&KRTB&23019-uid:99d46057-35b9-4200-a11f-847c226f05f9&KRTB&23114-uid:99d46057-35b9-4200-a11f-847c226f05f9; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_c7d34ffe-d990-480c-84c9-1e9018ccb095; KRTBCOOKIE_377=6810-2144b0f9-7384-4fe3-957b-c09e28dafef7&KRTB&22918-2144b0f9-7384-4fe3-957b-c09e28dafef7&KRTB&23031-2144b0f9-7384-4fe3-957b-c09e28dafef7; KRTBCOOKIE_218=22978-YFc1uwAAALEa_VLS&KRTB&23194-YFc1uwAAALEa_VLS&KRTB&23209-YFc1uwAAALEa_VLS&KRTB&23244-YFc1uwAAALEa_VLS; KRTBCOOKIE_466=16530-c3ce442b-1b44-4174-b7a9-6d407f054e0d; pi=109126:3; DPSync3=1617494400%3A226_221_201_227_219_197%7C1616371200%3A174; SyncRTB3=1618876800%3A203%7C1616889600%3A67_223_2_15%7C1617580800%3A35%7C1617148800%3A63%7C1621468800%3A69%7C1617494400%3A7_3_22_54_189_176_13_56_78_204_21_88_230_81_104_55_71_165_99_8_5_166_161_220_222_57; KRTBCOOKIE_594=17105-RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003&KRTB&17107-RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003; KRTBCOOKIE_391=22924-4162373345338025050&KRTB&23263-4162373345338025050; SPugT=1616328125; chkChromeAb67Sec=3; KRTBCOOKIE_279=22890-4260f2e7-8a3d-11eb-b243-11bff608f02b&KRTB&23011-4260f2e7-8a3d-11eb-b243-11bff608f02b; PugT=1616328127
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 21 Mar 2021 12:02:07 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 12:02:07 GMT; path=/
X-lat
lhrpug011:0:518
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-568ff9c7d-7xqmm
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=Dsv3KQzQNlpw&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=f26e580841afcd4f; path=/; HttpOnly; Secure; SameSite=None
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 9FBD
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8be6dc4c-5243-43aa-afa9-8ce0b1dabb17-tuct750bb38&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8be6dc4c-5243-43aa-afa9-8ce0b1dabb17-tuct750bb38&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=23283636&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8be6dc4c-5243-43aa-afa9-8ce0b1dabb17-tuct750bb38&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=8be6dc4c-5243-43aa-afa9-8ce0b1dabb17-tuct750bb38
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Sun, 21 Mar 2021 12:02:00 GMT
via
1.1 varnish
x-served-by
cache-hhn11578-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1616328120.288558,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=8be6dc4c-5243-43aa-afa9-8ce0b1dabb17-tuct750bb38;Version=1;Path=/;Domain=.taboola.com;Expires=Mon, 21-Mar-2022 12:02:00 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=8be6dc4c-5243-43aa-afa9-8ce0b1dabb17-tuct750bb38&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Sun, 21 Mar 2021 12:02:00 GMT
via
1.1 varnish
x-served-by
cache-hhn11578-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1616328120.246753,VS0,VE9
x-vcl-time-ms
9
content-length
0
check
pixel.tapad.com/idsync/ex/receive/ Frame EACD
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=23283636&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1616328121265; TapAd_DID=3e96f211-8a3d-11eb-8b15-9e9b130d4f06
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sun, 21 Mar 2021 12:02:01 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

date
Sun, 21 Mar 2021 12:02:01 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1616328121265;Expires=Thu, 20 May 2021 12:02:01 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=3e96f211-8a3d-11eb-8b15-9e9b130d4f06;Expires=Thu, 20 May 2021 12:02:01 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame E047
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:acwKyzfL1LnWMp5&gdpr=0&gdpr_consent=
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:acwKyzfL1LnWMp5&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=23283636&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156512:2; KADUSERCOOKIE=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A; chkChromeAb67Sec=1; DPSync3=1617494400%3A226_221_201_227; SyncRTB3=1616889600%3A223_2_67_15%7C1617494400%3A78_88_5_3_166_204_55_230_71_22_21_161_165_7_81_220_13_54_189_176_222_56_8%7C1617580800%3A35%7C1617148800%3A63%7C1618876800%3A203; KRTBCOOKIE_57=22776-2417220075358525530; PugT=1616328120; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEPCi-xcEQ6Bi0xiaXSDG9uE&KRTB&22987-CAESEPCi-xcEQ6Bi0xiaXSDG9uE&KRTB&23025-CAESEPCi-xcEQ6Bi0xiaXSDG9uE; KRTBCOOKIE_153=1923-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4&KRTB&19420-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4&KRTB&22979-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 21 Mar 2021 12:02:01 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_107=1471-uid:acwKyzfL1LnWMp5; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 12:02:01 GMT; path=/ PugT=1616328121; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Apr-2021 12:02:01 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 12:02:01 GMT; path=/
X-lat
lhrpug006:0:605
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Sun, 21 Mar 2021 12:02:00 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:acwKyzfL1LnWMp5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-632-ga311aad#rel-ec2-master i-0dbb3bb3e77219ff5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=acwKyzfL1LnWMp5; Domain=.w55c.net; Expires=Thu, 21-Apr-2022 12:02:01 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Tue, 20-Apr-2021 12:02:01 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D69D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rd8ItpxNQ9e_mm8N_4mEmg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=60449
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Mon, 22 Mar 2021 04:49:29 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame D69D 		95 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6337075f9d884a86-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08f642efba00004a8683304000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame D69D
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A&sInitiator=external&gdpr=0&gdpr_consent=
42 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:14 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:14 GMT
frontend-id
6
location
/pubmatic/1/info2?sType=sync&sExtCookieId=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame D69D
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A&addseg=12,35,41
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A&addseg=12,35,41
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:15 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Sun, 21 Mar 2021 12:02:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A&addseg=12,35,41
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame D69D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QURERjA4QjYtOUM0RC00M0Q3LUJGOUEtNkYwREZGODk4NDlB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:00 GMT
X-lat
lhrpug012:0:464
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D69D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPCi-xcEQ6Bi0xiaXSDG9uE&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPCi-xcEQ6Bi0xiaXSDG9uE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:00 GMT
X-lat
lhrpug007:0:472
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPCi-xcEQ6Bi0xiaXSDG9uE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame D69D 		43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:07 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 20 Mar 2021 12:02:07 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D69D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2144b0f9-7384-4fe3-957b-c09e28dafef7
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2144b0f9-7384-4fe3-957b-c09e28dafef7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:03 GMT
X-lat
lhrpug010:0:444
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2144b0f9-7384-4fe3-957b-c09e28dafef7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame D69D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4162373345338025050
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4162373345338025050
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:05 GMT
X-lat
lhrpug016:0:487
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:05 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4162373345338025050
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame D69D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:99d46057-35b9-4200-a11f-847c226f05f9&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:99d46057-35b9-4200-a11f-847c226f05f9&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:01 GMT
X-lat
lhrpug015:0:404
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Sun, 21 Mar 2021 12:02:53 GMT
Server
MT3 3611 f10363c master cdg-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:99d46057-35b9-4200-a11f-847c226f05f9&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 21 Mar 2021 12:02:52 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D69D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2417220075358525530&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2417220075358525530&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:00 GMT
X-lat
lhrpug019:0:524
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:00 GMT
X-Proxy-Origin
217.138.207.148; 217.138.207.148; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.71:80
AN-X-Request-Uuid
73497004-51a4-4e71-a593-0ab4af44e23a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2417220075358525530&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D69D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=8ozwx93KQWBv0ujZVCpD59mKz5Q&user_group=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c3ce442b-1b44-4174-b7a9-6d407f054e0d&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c3ce442b-1b44-4174-b7a9-6d407f054e0d&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:04 GMT
X-lat
lhrpug005:0:572
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c3ce442b-1b44-4174-b7a9-6d407f054e0d&gdpr=&gdpr_consent=&gdpr_pd=
date
Sun, 21 Mar 2021 12:02:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D69D 		43 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame D69D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-pZbynh5E2uXUtiQmGlmobzULgMdWjyg-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-pZbynh5E2uXUtiQmGlmobzULgMdWjyg-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:00 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 21 Mar 2021 12:02:01 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-pZbynh5E2uXUtiQmGlmobzULgMdWjyg-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame D69D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:00 GMT
X-lat
lhrpug003:0:365
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D69D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFc1uwAAALEa_VLS&gdpr=0&gdpr_consent=&_test=YFc1uwAAALEa_VLS
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFc1uwAAALEa_VLS&gdpr=0&gdpr_consent=&_test=YFc1uwAAALEa_VLS
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:03 GMT
X-lat
lhrpug018:0:417
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616328123.292419,VS0,VE0
x-served-by
cache-hhn4025-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFc1uwAAALEa_VLS&gdpr=0&gdpr_consent=&_test=YFc1uwAAALEa_VLS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame D69D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4154356464347799715&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4154356464347799715&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:01 GMT
X-lat
lhrpug010:0:429
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4154356464347799715&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame D69D
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3cd830ef-55c8-4d70-bde8-5281fd0e74a5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3cd830ef-55c8-4d70-bde8-5281fd0e74a5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:02 GMT
X-lat
lhrpug008:0:440
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:3cd830ef-55c8-4d70-bde8-5281fd0e74a5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 21 Mar 2021 12:02:02 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame D69D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:01 GMT
X-lat
lhrpug020:0:510
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:01 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame D69D 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:01 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame D69D
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2417220075358525530
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2417220075358525530
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:02 GMT
X-lat
lhrpug011:0:600
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:02 GMT
X-Proxy-Origin
217.138.207.148; 217.138.207.148; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.132:80
AN-X-Request-Uuid
7504a0a6-3057-46bb-844b-6731fb197731
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2417220075358525530
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D69D
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_c7d34ffe-d990-480c-84c9-1e9018ccb095
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_c7d34ffe-d990-480c-84c9-1e9018ccb095
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:02 GMT
X-lat
lhrpug009:0:508
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_c7d34ffe-d990-480c-84c9-1e9018ccb095
date
Sun, 21 Mar 2021 12:02:02 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
amp4ads-v0.mjs
cdn.ampproject.org/rtv/042101130138000/ Frame 7D04 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042101130138000/amp4ads-v0.mjs
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7198ff46351c479ae06edd5bef332d6f9e2ba46373a153c4401172b606b36e9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
398337
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53790
x-xss-protection
0
server
sffe
date
Tue, 16 Mar 2021 21:23:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"db31725f8b83f27b"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Mar 2022 21:23:03 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/042101130138000/v0/ Frame 7D04 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042101130138000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bb8f2ce32e9511e86546ec558e1b26b89a6db7ce5a0414fd90dd269a3df9c52
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
398337
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Tue, 16 Mar 2021 21:23:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e791ffabac79512c"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Mar 2022 21:23:03 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/042101130138000/v0/ Frame 7D04 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042101130138000/v0/amp-analytics-0.1.mjs
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a89a30449550d6379b07031dce97050f1a7b7279bd59c4322238955d40ef5852
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
398337
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27146
x-xss-protection
0
server
sffe
date
Tue, 16 Mar 2021 21:23:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"85cd7b2e90a5fce8"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Mar 2022 21:23:03 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/042101130138000/v0/ Frame 7D04 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042101130138000/v0/amp-fit-text-0.1.mjs
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
577fdb0f21509705782cfdb305599f77041c691c59eb560cdcca08f3dbb7502b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
398337
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1539
x-xss-protection
0
server
sffe
date
Tue, 16 Mar 2021 21:23:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1a14335cdd3c3360"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Mar 2022 21:23:03 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/042101130138000/v0/ Frame 7D04 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/042101130138000/v0/amp-form-0.1.mjs
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa8558bedd9ccf730199363b33d90eb722540487048e7961861e68ddb40ec9a4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
398337
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12790
x-xss-protection
0
server
sffe
date
Tue, 16 Mar 2021 21:23:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f6377aa91cca43bb"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Mar 2022 21:23:03 GMT
truncated
/ Frame 7D04 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ab14562049be187dabab3daec1d60f07fe5630c43e34e132ba6e85ab7448b5a

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 400C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://crooksandliars.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sun, 21 Mar 2021 12:01:59 GMT
expires
Mon, 21 Mar 2022 12:01:59 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
7739219843123353522
tpc.googlesyndication.com/simgad/ Frame 7D04 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7739219843123353522?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmHax6WnvQ9Ro3-H_YWdW6pjGYlkw
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a08a1024ea68f14a28ccdf100d6bf5d1699b483bce434713f222016b42ebcf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:07:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Feb 2021 06:10:26 GMT
server
sffe
age
417290
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86740
x-xss-protection
0
expires
Wed, 16 Mar 2022 16:07:10 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7D04 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 20:46:55 GMT
x-content-type-options
nosniff
server
cafe
age
54905
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 21 Mar 2021 20:46:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7D04 		295 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
49495
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 21 Mar 2021 22:17:05 GMT
l
www.google.com/ads/measurement/ Frame 7D04 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCH8XR_tI-IyVBautqp11fjeHZZ7hoax3vLoayv_ni3lFQNmvpov14tQcHumIrnX_JFjqpW30b3ux7FyownC7gNjr-QA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 7D04 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CT8aVtzVXYMvVKImUgQeemKDICc-I0dphoO7wysANwYTA_PoBEAEg2Oq2IGD7gYCAiAqgAea4m8kDyAECqQI5aaSqW-FiPuACAKgDAcgDCKoE9gFP0JSk82yO4TfQhAJ79t5BMaeVRjoAOtuLJ6znUHXECBTddSIDLr8adAHPRlx1Bm4SxE8e6eN8e-aB-TMokdrV0-pcN--Nm_f3N0O9meVDhZvP5vu6wvzgsu0Pob1FsnyqrUZfImL-_f6-QYmVd8M6Ydo0ruVyFXwEo0QZmp962f63okLpogk4wbKWwNBcS0mbUZSNBs8n2Txg5jAex6nHaC_uvGkmN9e3N9US1a93TWj6hsg-KXSthj8nr60OfqY04mY3kb67w8_7Chm6mG4GSFYBJ4S91OoxJTtq6zPvmwEywOHgCWGWeGgHsSzM2-sphfNC2F3ABLSc4oa8A-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfuzcg4qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEM_YPtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTg4ODEwMTI3MjIxNTQwOYAKA8gLAdgTDbIXGgoYCAASFHB1Yi02ODk3OTAyMTkxNzE0ODMz&sigh=F-Cvxc6fdWg&tpd=AGWhJmsCP_aFV6DyiIbi4agVAuVk6hoIYRVslZU4NOnXSv8Fwg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame FE9C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://crooksandliars.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Sun, 21 Mar 2021 12:01:59 GMT
expires
Mon, 21 Mar 2022 12:01:59 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5F35 		478 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhj3p8qeATAB&v=APEucNUEZ1gImDICKlSHxQxOht2JlQ38RCPQ1lCCEdrG4QdDgKkNKQkOt7DIp-Dagjrye0gFxDGUA3jmAuJaRZ-DSPruUkwY6QAkhEU9Qo-T6z-BgzAuxjS9lOj-ii-ukeUXp4rJMKpoC4CrVZTatUQngc87krRKwlHWwO-gH0yE5qdVBbCBIZEIOoL-NfN_es038ovJHTujR-yveTQxoTKc7V6_ZscSzw
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNyuyAIQpovKAhj3p8qeATAB&v=APEucNUEZ1gImDICKlSHxQxOht2JlQ38RCPQ1lCCEdrG4QdDgKkNKQkOt7DIp-Dagjrye0gFxDGUA3jmAuJaRZ-DSPruUkwY6QAkhEU9Qo-T6z-BgzAuxjS9lOj-ii-ukeUXp4rJMKpoC4CrVZTatUQngc87krRKwlHWwO-gH0yE5qdVBbCBIZEIOoL-NfN_es038ovJHTujR-yveTQxoTKc7V6_ZscSzw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnKGECdkTL9FDnrTyzptnf0E1fwkVxU_KSkWFA6CqvecTRRaOoLlb91jtrE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 21 Mar 2021 12:02:00 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 400C 		23 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DNkEpIkmlmJMqXPE0___YqCu7Vj13YgQYsmussa5iYV7t-QjyWOlaEy8tuLYkrxpth60xACWxrVgUqjzLCYlIfNk0lw6qTfZn2O2dPY0PE21bdDkGCSqlEpS3WOciOh4c5JwN5FFMJMsFWFiimyI8kZ-VLWA&dbm_d=AKAmf-CcoFFXS7wW6gYqUHHxfw4I3cJkqpu7RsBf0SzwroeZP2o2PM5o0RrmPqmQgjqm3eWHcL620rKZq2JGIjHN67vcXuttepq-q8OxEtpCwrNOuVMVUkcD3yI2V3aX_9xLKvA1nX-zdEJ4_NuX_DR4w6FeoLfYpZoz-YoF0SKzIXDyTRYM7fjq21TeGR4cy9NxbwFP5dDTH_YmWEADu2v6rLmHPjY6LtkKYLjEOiSoCNsqEhuE9NWNS_xri8FqxKoZlgfUIl-hJmNp7dHulZ7F1hIua8cRxnlLcKws8Oz7VJey7RYdA0ntSHWKIodrls_KNBDIb8QJest3T-9uOL0PooTy1YPqq5was7gTTHY4F0TYuykWrfXSpDCQ6in-qh1fEWtnWI2PUFW_NmGpy1mZx-8Xt_fcXylGsWmLiJrW8dGhL-0VvzquhljPDWqXNzaX45apysWOOqWb8rDtCoulCCrHEPRxgSp9GgXo2MZqp1segAay1VhXGdty8fBfNxegnT42MiOJt4knT5_-hiszA3IouKqXIOMtj69VNux-oqlpHZCe3yxp--Bkk8Q3oDf5ACGRz2eqgImfDg2-tVCo8TBCUisWXo69DzW-ropQFiD3vwYuv_gsmG1um0CX7GwwO5JZOFVt6TKX7gDyHX93E0rH79TxcNmW2Oon3Q3T_6zGYJPd1Pi4ZdkiXazX027WDkgq-nUObjwiF2a8SuKYvWeTKG9a_V3FMDZ3iH8-X7qyDCgGRvsEjDsyHy-LRk5-Pz0oANqov6l1wIcpBRwJvhrz6-zsOiP5ILXhgVGC9JjKVBk7vuE2rGDnkECzl5AW62VdGL6Dizu2cje9FUtDqmUroYPxB-lyt8YGBNd86nz8rzuEvFUTsLAHrndxVueXGGAwW61lSw_OwZovrtfb-32pPzJcZg-gmeVr9rKdquKcSsYc1I7lxkeYRatR2s_r7iV8_Pws6eMXTKx_amYVP7e0RAjUVe8ovf4E2mBTAJ599NrIRElcjHuBWY60R9daRvSuKwn2NiVlF0bNIG3PHinpWZ2r44g82IPdVs9lslkWX9bD9H41FS18NNJ3XvVqPveKWze28DkkJFBsC5eY1hc6CLN800gRIZme2VAlbgwDGgYoY2CptDlrYk0RGahXZSH6mxmwn0gem5LibZgBn5SVpigl96NYlg7MO6NO1PmpNfwBowze0NUgFHvGNfmZooWbwsjeXiJflBHxpirf2RrOGgNtuD0bco4xX9ze34euwi3CFdqitPy2V4Sm_vqUvid251_GljNyNjyYXL5HsO81XSxcuXpJ493p2hTfBCx8LTy-i1nldJuVfLhKkojT_jcFHtsKbcP39L44lR8OHkFtFU9_brlauMmygc1nmncug5kB6lqo5E9N2XLIavNNfds51fim1nvXHEbLtqGuRbRvrUwu5BgIScD3Gm8apCTVg4Ga0lPKx1bDKiECJy3Z4NgkTnHHXHfOnyROOWavXaKXh54CDiTNxWe56zTcRmFUnl7_tf-dIFP_DWwoPCOCmIwFjg96i6fn7ExcOWhZVyl4HmNVnKNB90qBQULAd4qHjePDNS5k6tNIrVJ45Yw8M-sLwSaSkfPjJq7AjRVAZqCDhuOMy-aVeI0tkiC82hwY6hgYUEd_5Db1lj81uQTwHzcAJxsgmplufMmmndGxwclxrS0eME09UYRlTEvVZmxtXJIMZnmXRKVnLPzWWjT8LQ17SlJnavbJGAaUdV2femtHm3vBcNz2dufrWzmbBvx_7y-HEkRKP0b8PbCdQUK_8vaQz5-hUEvnavLU9xksge3DPm7adAeqmtrrduXlqDIr27Hou1SIm7QKc7KlAzneqzbrs4Sd2vVtJs5m_h4CcI2SbazyeEsxsUgia0ioZyeP7xBBLmVZzQyo5F32moeEJQZ1-97Y7cvEuOQ-RQNz6OY7dcBHDexmxSOle6s7btTynCvbO9vh1JfPcOxx5aMAf9GAThFA3Ht2V_1LTAVOazLRZWvr4xnFePW7T1oWs_T8ndsxOIGuOseci02eNp0Lt1xZW-gcddhdIn3WQIvJHI4QXxrbx-jcBkSe-K9sTux4OnYeEZ94OKSRWG5WDQjfRx5Aoj6P0f9ChEbOYuTHKUuxFdhpMU_GBA5aGMfel9W6bItg4bU0zJ9JQHT_ucIkmTixrp4_zDi1BL57_ggKauElDJ0sRFhuIdkWKDcCDGX2djx6k3DZaUmmZGFqbmbfCAEmjE4cyEGXp86rYLIuhsGWR2RGTxaxOij761w0eSpz8qIGzFWbBDofl84lB1niMzIutktLpxaf7irlgzo_zGHBIMHQZa2cbhz47LVFDwL_wUx2N-J-y6VTnH2iYlI8bH3qobSQuUXmdTCupqRfRU-18FwGEzRvQ9AJ1fjWU4959pAHynbM7wZrNTqaFFsTVLapQfhxJRz9q60hNJu9uMeSL0aHx7V1DL4nFbeGJgpRstA9HoPRKNOnPHZGNjg3rxW33tIGyVRpG9F9t5zt1RtiGTXPZFVwMBu0bncvBfrAicuiGmlqLSKTYXTo-Yc1LJop92VjUYzVBwQEygaTm6d9OW-yJR5_NglnQkdMS7iIHFNhvsFadiuti_WGtSWp4_vjCTAheyWzKxHZSBBqW5GuqKxaFzcjRwG6CmjWAygMXF7FKa2_Baa_HrBORyzC7gI2VOllOMHtqGPe4fkZrT4ttgF6U4mmfnj0nkl-OMVQmXQsp0sASqG3PSoe1wmhuGDhOQI00_xo8rQhV0ydoG-Twn6r1iToJDBbZRHE7nLaiaugTmTPv9mRmLT-sWEXQvKyTAcc0kQVaIUmLIfAgJupMvEvPMqVmHd2qXff8v5pRrrZIZKMheeIIvijLlO1kpUkHUFI1b4LPgon33Qe_YI83dvtC2cMB6UTw4dbNh2jEOQCsyomYFu94y4sRC80saM6UloMAc6rt5ng9XJGwfUz3v38GsQv4g8-aSUV2JIQnx-w3Yowu6fPvIvioAlkwFQvBuLSpBTX_pwJXrCcAfGE6tBCQfyqKw6uStEkqJ7XfyOUHBF1-FbTnI2zMOxuhIB6yHvS9-4X1f-VXYnbs373nea5RXHs3Dq_igWjaAffPOwt2S1Xa9j378oOte92gP75HOFW6DPfzj7n6a63wJqUJZnOIZ6I_QlBu9Xcz3Jf-zspUQ0&cid=CAASEuRoLgadCPyTu9XJX2C2vqH_Zg&rfl=1%2Chttps%253A%252F%252Fcrooksandliars.com%252F%240
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
885c615e9ccaa2c24fc8b6d90307c1b8b5dbac5d94d05274ca47a4f47f82a117
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11384
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 400C 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AKRotneFsegjbFVsyvKXvnBnUaRbRn-oVESX0gcSyWl5U_geOUlZFzboO1kPu0K-pSTIK9kWi5gDcyojTbU1W8TiEg8U3LfZEn9KejIEWP2uespUk
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clk
ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25491114.297104974;gdpr=;gdpr_consent=;sz=300x250;click=https://googleads.g.doubleclick.net/dbm/ Frame 400C 		39 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25491114.297104974;gdpr=;gdpr_consent=;sz=300x250;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CThOqtzVXYMzVKImUgQeemKDICbPbhdVhx-m6pKQN3tkeEAEg2Oq2IGD7gYCAiAqgAeLd28sCyAEJqQJ5I_1pDvmzPqgDAaoE-AFP0LkOYSJLfcM9xlFT9_0XK9FpnkNUgihi5bdj1RiQyZRmDYU0vuO8gdonHClLZXAsL8vxG9no5qb-218rOK4YLczWfUiFE1uEbwfb6Piew73OhHPosQ42BP1gV5TY9JF3HXtV-1xZx53g_b7wcIurNZGfqwrCPAj2t7pTQUem3DywCT_R0o9xJcT3yYtDKcpNPWB6Ad0V4WK9ws-bt1QfqHSxVhpmqVIwGPGpXc3xI7jGZ17zA6aBf-X0uFMOwAjXT2lawRxxbSjiITElpmXWJgK36vXwTiKgI6Ay-EL3J292RRRV4zjjGj0PXOXsW30fZgwKiRgWFsAEg4bU-cgC4AQDkAYBoAZNgAeGoqS0AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTg4ODEwMTI3MjIxNTQwOYAKA5gLAcgLAYAMAbATzLzyCtATANgTA9gUAQ&ae=1&num=1&cid=CAASEuRoLgadCPyTu9XJX2C2vqH_Zg&sig=AOD64_1ifgyLaUfpnzAgrtiTtwCPvPbQpw&client=ca-pub-6897902191714833&dbm_c=AKAmf-AlW9KuwJZstpLrI0DOgKKAurVsWtZHC6NYJNJq4d4xxhtN5kAKXtoe-mfwuWGp0UMBIu8LqnIk5vBW6Y7dRN1OAch90d-7Z8aM1ulWoH9FEnDIFXxit5l5YyFxWk4eqOeq6B-3pZVAX4lUKFtqY1j7Ze4khg&dbm_d=AKAmf-DB5l9rXvTYHHngQpUtsyE8o4SGBsTx72ToyMKjEOy9tBodMBLUBGXaJXb3oeh0DqI8fHQvj_AxxgLiJd6FAPD35SWu0Sg7tw42PO0basIiWyMYxS_IXxMK_LdyRUKwnW6ajVXuy93OE2OLDnV7aOqrolyA5cyIddsLN-mjNgvZMDRlbdKgUX2qZJI5nZwekG4_LYcC_TarJ07Izz6HfHJKoDo6gBqzuV_-jsWYUaIfY-vcXOWH8i9dPVoeRphXzJ3jGuo1bUyJBZJ6IQ5GAIupmogRN3S2VrPy-tYD1wLklyp0y_Yl1f43KJBzHslCWYAi0ZadDH3JXWIm4mNY0EndhdlVtis3FOIPyUEJqwU5Vs90PAlxmqzrHv_LUfPL0s-tjZrtHBKosHXZhFDKWEO1sCJLPjTorV0zLtEbtZqfN4QDX0U8gMVN7EupNHganbtw_KHEYq9UP7RqroKotel_jjz8aA&adurl=;ord=1616328119666316;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN (),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
a9efa80402f8abc54393bba5766b171b6b140db2348f5c1e8c43481caff89802
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17349
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 400C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Apr 2021 12:00:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 400C 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Sun, 21 Mar 2021 12:02:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 400C 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5991
x-xss-protection
0
server
cafe
etag
8832118191516519848
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Apr 2021 12:00:20 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7D04
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
7739219843123353522
tpc.googlesyndication.com/simgad/ Frame 7D04 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7739219843123353522?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmHax6WnvQ9Ro3-H_YWdW6pjGYlkw
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a08a1024ea68f14a28ccdf100d6bf5d1699b483bce434713f222016b42ebcf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 16:07:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Feb 2021 06:10:26 GMT
server
sffe
age
417290
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86740
x-xss-protection
0
expires
Wed, 16 Mar 2022 16:07:10 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7D04 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 20:46:55 GMT
x-content-type-options
nosniff
server
cafe
age
54905
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sun, 21 Mar 2021 20:46:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7D04 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 20 Mar 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
49495
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 21 Mar 2021 22:17:05 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5831 		478 B
252 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhjspMqeATAB&v=APEucNVsiMACyMq3f3dXKMKuOQiBR18peJ_mjqvS7Bzt2UUENAtxsJ8SPos5X1TLKcu5Q1-TLVm10kbyqeLrJz8YHMBbTHK87sUqpmt0olRK3bKUeDIByPztdI51MEokWPyrOf43Un5Jb1o6TPjDi2BNHvIcvCdEiQI_Y7WJjSRqEh97uf_FgZbpM-etdeFzT9bfhjgjKN_VXBJAvK6qtuBsRgTec4wKYw
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNyuyAIQpovKAhjspMqeATAB&v=APEucNVsiMACyMq3f3dXKMKuOQiBR18peJ_mjqvS7Bzt2UUENAtxsJ8SPos5X1TLKcu5Q1-TLVm10kbyqeLrJz8YHMBbTHK87sUqpmt0olRK3bKUeDIByPztdI51MEokWPyrOf43Un5Jb1o6TPjDi2BNHvIcvCdEiQI_Y7WJjSRqEh97uf_FgZbpM-etdeFzT9bfhjgjKN_VXBJAvK6qtuBsRgTec4wKYw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnKGECdkTL9FDnrTyzptnf0E1fwkVxU_KSkWFA6CqvecTRRaOoLlb91jtrE; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 21 Mar 2021 12:02:00 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame FE9C 		23 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWDRHZAjIHV2QMjvsdFUajZ39ERRcUHuydqRuUCixtVZQotps-GvXbpBwNCuktGSKuzEaQNJpxCBCw9gTfMp-6gVZ4iEWpsb-0eusGxLziBqST4tPVdJPbjFyFURbjRA9MbS2V0n8BHhEBVUOpJ8yRYULXwQ&dbm_d=AKAmf-DnWzhZkpRR5SI1ZBUCCnbMSWAMJmpqa7waVHq2656fvZZf-TLL2Z5egnSges0_dN2oOelrjO9ns6Aw2xdRBZxFWUh1MqrtmijpdcU2sgAToOwdZ1lsS2-0Grqmjyn5vcNRXgzZYJFLDkWxxG2di7sEsaxWdk9pQzuWr1q4kmeguoQMS0P6LlXzJmbM819hpR8v_kX6JImqsMOpMuhDK89buZA39TesFnghWO87cTbSicLDJ2drOhlL0x_Ktyhbp1I-Fgj2eOKFYspCzUAD55Sv6Vkp9QaQbonxlgYHIO5jJB9IuihvGBL7X2za9Ru5Ci5NXLsb8ulOI93mmiGy0pJDcn7JBxcqKMusi1ehx9BdvbkEsWqFve91HorCqT_sV747l8FDuGQYTp22IT5Fi4SXq2G91-Z4XW8zQ1lr5D_1KNGIyoPoowhSHnGeOOtauuHd_H4quCPqLfWvswgK1eUasMDx0xjxFsJditNBbrJZ_kl_-AN7oRcnRXBucoc-U5KAib3P9SAFJWnIGdSB63MLreo25hmQyyb2SMttr_y2KyT8LOBI3gcHMl1DHxumejHA1E-YAYlYIgyfwm8jIytEAOaE_zbK-NtTK0lCd4CjcOfloUlfs8ogHU7xql3oGaYwelpCWst2cfh857trrJvLvvh-eRZfNmJedOqGRFMtEooUa4QhALesUGquDoEEBbqoLI0vA7nkXDoIy6K_MJ450mom2YKHNUg_5DDzugC8qEwrw4g-z4hZhYHQPyWwOmyDKFSzlQAEdUIZ8ejPNZtHnMM9WuEjxMkynn5s7KseRvNgVcDTH0Mz5yivexX_D3k38ld7HFJrhp_8v6oXXXQiyDIEbs-XkJY-bY9VR3_tgVG1wYqadHAW7N4NpGsIdfiviUOBwxvNhm9HW3xVs0Cf7SYj-2Np3tNb6zzq2n2AXW_WF75VLNmI6Us_OXRR9RzRXSi4N-SFm9-17ubjQ5ZuJYX6h7IDI6omsa5TAAQ4zJl_jUNcK75IcuH4_zpxm4DST_pWo7JHoVH_9DhLVpLgSWWj8smFIeKjYkaV1pt31nqrrOJbkumkQl8cesiQIzLrKIhAHrc6QZS6cHSsOSlAQ74C1iJLTY3ZLvYbFLIZKKQgxM8N59a3vHoap4bG3qfHo-2qgDQvnayY9CbqlDJWtufznDLW7yZuwbUHuDEEZpKZdZeYVLYPuLjW1lX7hQyICM3grIEhh0-FTT5C1SHKRmn2eoXwVOrF75kbNvv1S7onhy6QUd6NONTt3yhxKQ_zdegthGpXNN94N8XYLqH7XgKvkguhQVLB6vWNdwZhor0jAbVjDVd3o2NZ2h9OPhiYeSRPdeCu9_ALj4NvVfdpX8jCZ3pO1v-m6h7ACWbGrK_xH96vTUEiRs8GvtrmDBnqRmzoGCcg3hInNfV0OVshUwxLCio9EDX8QEx548HKCs9DEdpQ3YFdPJpbo7xmRsQV8ow3q3JgKBlMxpzMRWOY34wh2Tc14GvP8Aev-cJMxW54MVFbrZEAr-WgZtuClE5kZTwBZzdr3ZxL7gVq1VxidkvY_pmlco7Y8YaD_8_TrZeN19guIEScywdajPlGdapgZDsLAd-Bt6ntV-QSpXUC09o-6IibxyQQdDbfid5zHjzx5zf9zcA5B2lrEXCne_G5CbeOwFtLq91-81fxWyXI965ms2FHJrjRw8qRrvP2Dl3yZ0-AOJ-QlBoJs_biQ3DhTapP-5afeEsLyQ3m10rQmsLUeOLkxZ4TQb9-6wD7R4YdP4LL8KEQJLo_xxeDSIx5R1SGNza1bN-16Rlq1dJQ55sw_WlTJFctvztuQb4YsfGJ4CtqjpAOqFlbKONy7vTprvzNpWUHL5C8gkd0c2LKW9XalLgdhZekoL6mj1EOFN6ZhveG8Fkvn7CWXk2AqUQ1OCWuf3GWq6mVU6iiG1QD2Utp_XT3EyJwRynxIXBPnQmz1BS5zIIDStJ0LE01SWTZ_llbbzbbOpDmopD8fdj5aD7b6CyeeHTcSU2hZmZzOixt9G29EmVm0WmM7FdS5lY2OPCBdd1FU-qSKjZ_BaQsxUKhN8vbQcyTkM2egqrQQRBIzqL6O9kk821Wk8stv3DYGh8dslesJw0y2bDM7mqXHuuiT0ZCimXScW3mT45MwYgIBm7PcYZtoOmQSS2NsYNYrZGhSqdHEjb4V-iSLl46o-ygJZ1Z7QlA1FzwXpiVSTrB7W0rNfQQ_73Xaot86BlsQNNXH1V1O6n9CIdfdQgABRw3vAqB_-atf-Rt18BFv9DhFFjRCtjSXYB2uVGnouvUAt7mUph_5CHwvPUexkafvA3nQLdCnygCdS4Vqprw_EsmZByxTVvhmfk7sHr4tfN4mwMVfWywGLEMkjqtoMzEGA0vqH2l1r8li1Z1gIkl0FI5ZaHYXaTeqVZwPr_nB7EM08GFdI6KA0qbbi_lPT2PpL87BnpRdam8CGxnJfkFhB04ct6c7paNe7wOMlyiplfMga6SRUpriqUPwzkS58XBjLo844atUG0g2lZUSkrWWsRgC7rWI-mJe0qS67hyrQmwqMVJm5YpuTtvmSGkDMhdgAhGovxX-XGwZwzWBNiEgNxKyOjVgdYLkfiGVZQTAuO-jz57ZBPe42muAICfMM3Uzk0a5uNQ4Gx89lZ5_fxl_3KVr3BdbnvGMIIJpdiXq2cAFscx-0_iY2IUsg6ib8fUV0FlohGx0MTGzGFn2iGVCUFFIhf6PDthGGhTKWnsym4Oh3YoPz-9q2eqh5ChHQVJyNBr_m1Hj_2MwZIbyCDTPKcv3JiwnuHvnXSLRPykZgi1VGmP-syToxQ04qbec1xhS61OKIxR_PEMgl2snSg5mlCLbq3rnlJkILIoVTehZxEJBfNWDws8lv5j5GmzP5ZiWM_zJeYYrbgaujOOBfH7EWF-pNF9GD1n68Beu2NgNqoJfH8TWfDvqlXvcwGOx-KMTdMVub96FaSKk-KARl2vtQVJ8ylkowU81mgd2lRf8wHyju2cvMjyUy55QxiHdLGGImYmGeFQf5yaBm8FKoTBR4zhEP7tfqNb9ISZtJg_Bm0kgpYHgDEjoeA52Imfo8b7rnFEp3m8fwDJM-5CVLvmDRQJmjFykCJGoLxdPQj1m9_lwwoWCpNDNnX-tvtWtr9f4Z_WuQ&cid=CAASEuRo5otRO1kKPJAzWTKwfhlgsA&rfl=1%2Chttps%253A%252F%252Fcrooksandliars.com%252F%240
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c6e1ba051ac7bff8e5dc3a62d20e1df3868f3421ac5e1df5102f85f817db0bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11463
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE9C 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DfIdFulcGYaXRgIQExSiIbL693o7p1-4L_eixbha-p4l2eiBw36WaqFRdTHHkymKaBt6tLcORZKbscO5jMAx5eVTnwiHXqKS8yaHirTnAaIHvE-Vk
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clk
ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25408918.297071485;gdpr=;gdpr_consent=;sz=300x600;click=https://googleads.g.doubleclick.net/dbm/ Frame FE9C 		39 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1246177.3716415IGNITIONONE/B25408918.297071485;gdpr=;gdpr_consent=;sz=300x600;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=Cv-OntzVXYM3VKImUgQeemKDICZuNv9Rhs8u3n6oN3tkeEAEg2Oq2IGD7gYCAiAqgAeLd28sCyAEJqQJ5I_1pDvmzPqgDAaoE9QFP0MIt3y626ZtUQfl0LOCCySK375qjvlD1rbfyXAj-EjwS5U0qyr_keiRPjMm8YWm8YTZ6ZAGFHQsNLNiKPdPZtw0hatbdHLkaGycGn-2Mcg_yKLoHfSEjM961eHzj9NMjEKXhKKV3nacBgL7p7CXzpI1yLZWrNMP3w8UcaEP6F-wXVRa2X2mI56jJj3AEffdN0g7Eh2SXz5CBNcfkSI3j4xJqbhrbJVAGIoiL4myewjHWcL3CNHtKAl70cTLXJCEzYjEIDHtbH2_qihGsrXZhfSQhlnQKBNrpbl00KxC54F8rcnrGbkaJxTfci4xwiNULu3v6_cAEvY_Z_KkD4AQDkAYBoAZNgAeGoqS0AagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTg4ODEwMTI3MjIxNTQwOYAKA5gLAcgLAYAMAbATobGDC9ATANgTA9gUAQ&ae=1&num=1&cid=CAASEuRo5otRO1kKPJAzWTKwfhlgsA&sig=AOD64_1wwQpRLtPmU9dE-e1oY3W5-vck8A&client=ca-pub-6897902191714833&dbm_c=AKAmf-AWEb5YDnwc6vBz_jZ3YajRjp_qD8AoMLecKpOvdW6rC868huNNaqI6UG-Uj629zd1BFcZPegjNPgExnJyigkc8eK1E_I38NPdAPQBxYCu8aw23_24etQbzKZZDopDdEcNsXJmVyRVzbVSGluq4AKVTtUNb6g&dbm_d=AKAmf-CqfYDHrsTxgFfUc1LNnurclkXP6j2DZBY4RvdgJP_wl9pg2b3fPhwC69tob0Za7wR4OYz4cgmcjVPcyfQwIEvBDCFeBLfgVGWaHInng-GkeDnBMh_j5LrSga6zEe-Um76m5H3vailcVeTu8rjzhGUHN_Y-Qs5Zc85ie0WzXCzMiyGSalzxa4MmDAoji_WDuT8i8uF-m5RaMhxLhx7pzive_1ov9SuNfJ6cDAwyBaxAWhP-85wOvyLLTHqog2teCppyYndDRUu5cQsEhndMzzH8HvMIuax6bFkrQpdu9wXT169N7zmF4MLOm6yr8auIHVMAWuZoVr-k7VRyLWhBwg1Sa1WkMnCun1pu_bJCAqa_IJADE7ii_WE-MsLTo-1MI1Ou4UbweIUl1QnEeJnk581dQD-3nSZvfmOEw2wTz_Ow8JuPz6a4TGZmMJqMCRvyZY1eHfQKr0_zglbFQvraOTjgKkzMzg&adurl=;ord=1616328119666317;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN (),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
f4587470bc8e3130454c70bfcc853217d276e2b88f8849653689f6d0ec53d46f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17178
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame FE9C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Apr 2021 12:00:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FE9C 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Sun, 21 Mar 2021 12:02:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame FE9C 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5991
x-xss-protection
0
server
cafe
etag
8832118191516519848
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Apr 2021 12:00:20 GMT
l
www.google.com/ads/measurement/ Frame FE9C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1csy47UWTwilDQyy652hhSGKNKpM4EIU1efNKiYHIQrriqkqy5MrDPJ0032AJ2L1z6cR1EleVNDUPcEgOjsNn5LsuoA
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 400C 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70d82c6075989e0082b4917c6685f5f6bec1e673d0a80160eac61b3f1cdcb1a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 11:54:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8471
x-xss-protection
0
server
cafe
etag
753583566593306265
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Apr 2021 11:54:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 400C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 15:55:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158820
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Mar 2022 15:55:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5F35 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhj3p8qeATAB&v=APEucNUEZ1gImDICKlSHxQxOht2JlQ38RCPQ1lCCEdrG4QdDgKkNKQkOt7DIp-Dagjrye0gFxDGUA3jmAuJaRZ-DSPruUkwY6QAkhEU9Qo-T6z-BgzAuxjS9lOj-ii-ukeUXp4rJMKpoC4CrVZTatUQngc87krRKwlHWwO-gH0yE5qdVBbCBIZEIOoL-NfN_es038ovJHTujR-yveTQxoTKc7V6_ZscSzw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5F35
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxb1zMmn4VTjXonpQPHXv4&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxb1zMmn4VTjXonpQPHXv4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhj3p8qeATAB&v=APEucNUEZ1gImDICKlSHxQxOht2JlQ38RCPQ1lCCEdrG4QdDgKkNKQkOt7DIp-Dagjrye0gFxDGUA3jmAuJaRZ-DSPruUkwY6QAkhEU9Qo-T6z-BgzAuxjS9lOj-ii-ukeUXp4rJMKpoC4CrVZTatUQngc87krRKwlHWwO-gH0yE5qdVBbCBIZEIOoL-NfN_es038ovJHTujR-yveTQxoTKc7V6_ZscSzw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 21 Mar 2021 12:02:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxb1zMmn4VTjXonpQPHXv4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5F35
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YFc1uMvMMkzTuBl4pclu1AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxb1zMmn4VTjXonpQPHXv4&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxb1zMmn4VTjXonpQPHXv4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhj3p8qeATAB&v=APEucNUEZ1gImDICKlSHxQxOht2JlQ38RCPQ1lCCEdrG4QdDgKkNKQkOt7DIp-Dagjrye0gFxDGUA3jmAuJaRZ-DSPruUkwY6QAkhEU9Qo-T6z-BgzAuxjS9lOj-ii-ukeUXp4rJMKpoC4CrVZTatUQngc87krRKwlHWwO-gH0yE5qdVBbCBIZEIOoL-NfN_es038ovJHTujR-yveTQxoTKc7V6_ZscSzw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 21 Mar 2021 12:02:01 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxb1zMmn4VTjXonpQPHXv4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bidding
bids.proper.io/api/ 		0
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame FE9C 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70d82c6075989e0082b4917c6685f5f6bec1e673d0a80160eac61b3f1cdcb1a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 11:54:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8471
x-xss-protection
0
server
cafe
etag
753583566593306265
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Apr 2021 11:54:26 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FE9C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 15:55:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158820
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Mar 2022 15:55:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5831 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhjspMqeATAB&v=APEucNVsiMACyMq3f3dXKMKuOQiBR18peJ_mjqvS7Bzt2UUENAtxsJ8SPos5X1TLKcu5Q1-TLVm10kbyqeLrJz8YHMBbTHK87sUqpmt0olRK3bKUeDIByPztdI51MEokWPyrOf43Un5Jb1o6TPjDi2BNHvIcvCdEiQI_Y7WJjSRqEh97uf_FgZbpM-etdeFzT9bfhjgjKN_VXBJAvK6qtuBsRgTec4wKYw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5831
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxb1zMmn4VTjXonpQPHXv4&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxb1zMmn4VTjXonpQPHXv4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhjspMqeATAB&v=APEucNVsiMACyMq3f3dXKMKuOQiBR18peJ_mjqvS7Bzt2UUENAtxsJ8SPos5X1TLKcu5Q1-TLVm10kbyqeLrJz8YHMBbTHK87sUqpmt0olRK3bKUeDIByPztdI51MEokWPyrOf43Un5Jb1o6TPjDi2BNHvIcvCdEiQI_Y7WJjSRqEh97uf_FgZbpM-etdeFzT9bfhjgjKN_VXBJAvK6qtuBsRgTec4wKYw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 21 Mar 2021 12:02:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxb1zMmn4VTjXonpQPHXv4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5831
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YFc1uMvMMkzTuBl4pclu1AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxb1zMmn4VTjXonpQPHXv4&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxb1zMmn4VTjXonpQPHXv4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyuyAIQpovKAhjspMqeATAB&v=APEucNVsiMACyMq3f3dXKMKuOQiBR18peJ_mjqvS7Bzt2UUENAtxsJ8SPos5X1TLKcu5Q1-TLVm10kbyqeLrJz8YHMBbTHK87sUqpmt0olRK3bKUeDIByPztdI51MEokWPyrOf43Un5Jb1o6TPjDi2BNHvIcvCdEiQI_Y7WJjSRqEh97uf_FgZbpM-etdeFzT9bfhjgjKN_VXBJAvK6qtuBsRgTec4wKYw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 21 Mar 2021 12:02:01 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxb1zMmn4VTjXonpQPHXv4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5905 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 19 Mar 2021 15:58:30 GMT
expires
Sat, 19 Mar 2022 15:58:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
158610
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 400C 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 21:58:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50625
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Mar 2021 21:58:15 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/ Frame 400C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/omrhp.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 11:57:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Apr 2021 11:57:20 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 400C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 15:55:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158820
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Mar 2022 15:55:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 69C0 		1 KB
854 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 21 Mar 2021 03:14:09 GMT
expires
Mon, 22 Mar 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
31671
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 400C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67667b7ee9688067f18161e446e08a8d676b84a9e9229a458bc4ef9a0d6621bc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BC52 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 19 Mar 2021 15:58:30 GMT
expires
Sat, 19 Mar 2022 15:58:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
158610
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6452 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 19 Mar 2021 15:58:30 GMT
expires
Sat, 19 Mar 2022 15:58:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
158610
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame FE9C 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 21:58:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50625
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Mar 2021 21:58:15 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/ Frame FE9C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/omrhp.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 11:57:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Apr 2021 11:57:20 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7E0D 		1 KB
750 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 21 Mar 2021 03:14:09 GMT
expires
Mon, 22 Mar 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
31671
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame FE9C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ec3273a84b712c9588f71abe59bb1d8e26e692d5c98c5ddb732a02fb85f8e90

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/9929072/1608738447560/QASHQAI_300x250_INVENTORY/ Frame 400C 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9929072/1608738447560/QASHQAI_300x250_INVENTORY/index.html
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb29b14b910b331fece9813f7e2b4a2940c7a94218970164f18fa2c17878f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 08:05:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14178
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1514
x-xss-protection
0
last-modified
Wed, 23 Dec 2020 15:47:27 GMT
server
sffe
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 22 Mar 2021 08:05:42 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 400C 		0
519 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdTmJtvjk5_XW0mk0wi41nAwtJ49LJVtTUnVPBp4EM7PTFZnzbuK5jqERUDDL4ti9S4LzJKWk1ddqKZ3PeOKFU6yKuqTLbZ6cgU-6iueE-En8yxwf5l3agvimbyfocSWPqQIO8fVA2-bDNwWpmItMifThOU8vdVwZDbB0IQVr0DhaqPioZcvw0ALxgCty5OcKXhLRDQaBKBhdg-w&sig=Cg0ArKJSzBrQVmNR-e2_EAE&urlfix=1&omid=0&rm=1&ctpt=117&cbvp=2&dett=3&cstd=102&cisv=r20210316.71478&adurl=
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B59C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 19 Mar 2021 15:58:30 GMT
expires
Sat, 19 Mar 2022 15:58:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
158610
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
style.css
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		0
0
main.js
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/main.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1590
x-xss-protection
0
content-type
text/html; charset=UTF-8
tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame C630 		110 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37930
x-xss-protection
0
last-modified
Tue, 20 Jun 2017 21:14:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Mar 2021 12:02:00 GMT
back1.jpg
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/back1.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14ed5d0f091e1f7c4dfd96ae727834123d840dd35a6c9910c78a1f46e4aa41ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1592
x-xss-protection
0
content-type
text/html; charset=UTF-8
text6.png
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/text6.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2672f5bcb380c864cbadd95b0916c27ff90f70426e4b9db12c167c68ba58bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1592
x-xss-protection
0
content-type
text/html; charset=UTF-8
cta.png
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/cta.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9a92e2e658f7c4de816a451a6614eab60e4b0ed631220a9fb724fcb3082a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1590
x-xss-protection
0
content-type
text/html; charset=UTF-8
nissan_white.png
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/nissan_white.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44bfeb6f3e9384c527c6e9b5a3761b341cacddebbb4f59d7af3d4347cc890795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1599
x-xss-protection
0
content-type
text/html; charset=UTF-8
back5.jpg
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/back5.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd5a7b1df39d558cecb2ba42ecdc8d34b8bb617dd05819ca58d05d885def2333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1592
x-xss-protection
0
content-type
text/html; charset=UTF-8
text5.png
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/text5.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
034815d675804b81de0426a5427d1e7a19ab167d1dec3d0e99f8f5d4433fbac7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1592
x-xss-protection
0
content-type
text/html; charset=UTF-8
back4.jpg
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/back4.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
209d91feeb526790476ca8c890810031e505b939f8adc12af3aa624f223118d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1592
x-xss-protection
0
content-type
text/html; charset=UTF-8
text4.png
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/text4.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33701a2561cc89de20d8cad0c6d2835eba8af778c156b4cab67a560ca01fd3b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1592
x-xss-protection
0
content-type
text/html; charset=UTF-8
back3.jpg
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/back3.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf1c68d3156677255ee3a98ca9ff3d2e89c5fd0e4b8c94dcad27c9eb7c76605e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:01 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1592
x-xss-protection
0
content-type
text/html; charset=UTF-8
text3.png
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/text3.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cc79108f0e4310968c51d8cd437f76e2a0ae0605225f97cfceee3771205f0a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1592
x-xss-protection
0
content-type
text/html; charset=UTF-8
back2.jpg
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/back2.jpg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e21a3b79278b8f7457f6ad1d355bdfdcb9029cec18fbe3d756a49edad50bb61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1592
x-xss-protection
0
content-type
text/html; charset=UTF-8
text2.png
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/text2.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f84cb32ca17b9d34e0f2dfd288810ff67f518c0b181fdfb37c5702f1ca25bc06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1592
x-xss-protection
0
content-type
text/html; charset=UTF-8
text1.png
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/text1.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1854c63de10b087c936f562feca8eeba8a1697f5a885803140d76ba885083bbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1592
x-xss-protection
0
content-type
text/html; charset=UTF-8
logo.png
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/logo.png
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51d97fe52e2acd6a1b8826fa033f56737ab4a23dc65ee4617fe4139a4c1e7264
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1591
x-xss-protection
0
content-type
text/html; charset=UTF-8
/
google2waycm.netmng.com/cm/ Frame 69C0 		0
0
pixel
cm.g.doubleclick.net/ Frame 69C0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDbMejl8IZQ5G8YBB1orQbQ&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDbMejl8IZQ5G8YBB1orQbQ&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YWN3S3l6ZkwxTG5XTXA1&google_gid=CAESEDbMejl8IZQ5G8YBB1orQbQ&google_cver=1&google_push=AQvitUIW30u48_omsQLGkwB3ztTXY_aGcNuyu3lCYgdZXf-...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YWN3S3l6ZkwxTG5XTXA1&google_gid=CAESEDbMejl8IZQ5G8YBB1orQbQ&google_cver=1&google_push=AQvitUIW30u48_omsQLGkwB3ztTXY_aGcNuyu3lCYgdZXf-b63WLIsJQty57-8Cjqy3hYLhgFG6JL2kFNecQfEtEkCUX7txhvg
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:00 GMT
Server
PingMatch/v2.0.30-632-ga311aad#rel-ec2-master i-0dbb3bb3e77219ff5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=YWN3S3l6ZkwxTG5XTXA1&google_gid=CAESEDbMejl8IZQ5G8YBB1orQbQ&google_cver=1&google_push=AQvitUIW30u48_omsQLGkwB3ztTXY_aGcNuyu3lCYgdZXf-b63WLIsJQty57-8Cjqy3hYLhgFG6JL2kFNecQfEtEkCUX7txhvg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 69C0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKnkpb6EDXAlOMTcvotdF8Q&google_cver=1&google_push=AQvitUKOJ7z8oCZiJsv9dWCTWJJn2MVAROdmZZr5AFTZ_Ptl3neKsSEAxVCIextN0mYPsTJQRqO4oTB2RY9myxYS...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKOJ7z8oCZiJsv9dWCTWJJn2MVAROdmZZr5AFTZ_Ptl3neKsSEAxVCIextN0mYPsTJQRqO4oTB2RY9myxYSmv9B7FaaqNM
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKOJ7z8oCZiJsv9dWCTWJJn2MVAROdmZZr5AFTZ_Ptl3neKsSEAxVCIextN0mYPsTJQRqO4oTB2RY9myxYSmv9B7FaaqNM
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 21 Mar 2021 12:02:53 GMT
Server
MT3 3611 f10363c master cdg-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKOJ7z8oCZiJsv9dWCTWJJn2MVAROdmZZr5AFTZ_Ptl3neKsSEAxVCIextN0mYPsTJQRqO4oTB2RY9myxYSmv9B7FaaqNM
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 21 Mar 2021 12:02:52 GMT
pixel
cm.g.doubleclick.net/ Frame 69C0
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJcPYXOk_gGAeJOdONVZGmI&google_cver=1&google_push=AQvitUJRtXPZhscvT8arszzgd8CWqA5YA9beaQGh4VeGYOBT0ByzSSXjoVLSxVJeB0vtHHgg_DKS5A74--s5wZBy...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QQBIYrJ-Tf26iJdhTVKEmg2&google_push=AQvitUJRtXPZhscvT8arszzgd8CWqA5YA9beaQGh4VeGYOBT0ByzSSXjoVLSxVJeB0vtHHgg_DKS5A74--s5wZByXvZclV0nRbM
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QQBIYrJ-Tf26iJdhTVKEmg2&google_push=AQvitUJRtXPZhscvT8arszzgd8CWqA5YA9beaQGh4VeGYOBT0ByzSSXjoVLSxVJeB0vtHHgg_DKS5A74--s5wZByXvZclV0nRbM
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 21 Mar 2021 12:02:06 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=QQBIYrJ-Tf26iJdhTVKEmg2&google_push=AQvitUJRtXPZhscvT8arszzgd8CWqA5YA9beaQGh4VeGYOBT0ByzSSXjoVLSxVJeB0vtHHgg_DKS5A74--s5wZByXvZclV0nRbM
x-host
tde-deliveryengine-production-6fcb7cb86-vcjjh
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 69C0
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEB8egzizgm1S_BIljCG0ZQw&google_cver=1&google_push=AQvitUIrRmMClqyLBNJ8Ed2GLYL_mGx7B8jAIN2UZrNVWyrw8AUQcENOhLy-nAAclFr8NgGAVjNiRiwqOQxszQKjrn_BaX3...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIrRmMClqyLBNJ8Ed2GLYL_mGx7B8jAIN2UZrNVWyrw8AUQcENOhLy-nAAclFr8NgGAVjNiRiwqOQxszQKjrn_BaX3C3xQ&google_hm=ODk2OTkxODAxNzg2NjI1MzU...
170 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIrRmMClqyLBNJ8Ed2GLYL_mGx7B8jAIN2UZrNVWyrw8AUQcENOhLy-nAAclFr8NgGAVjNiRiwqOQxszQKjrn_BaX3C3xQ&google_hm=ODk2OTkxODAxNzg2NjI1MzUwMg%3D%3D
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 21 Mar 2021 12:02:00 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AQvitUIrRmMClqyLBNJ8Ed2GLYL_mGx7B8jAIN2UZrNVWyrw8AUQcENOhLy-nAAclFr8NgGAVjNiRiwqOQxszQKjrn_BaX3C3xQ&google_hm=ODk2OTkxODAxNzg2NjI1MzUwMg%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 69C0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOuojBYDzY2OUdTXdcN1Lh8&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFc1uMvMMkzTuBl4pclu1AAABIQAAAIB&google_gid=CAESEOuojBYDzY2OUdTXdcN1Lh8&google_cver=1&google_push=AQvitUKI2s8RAQC_4GdHOCdTuVNFQ84zXiUDm...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFc1uMvMMkzTuBl4pclu1AAABIQAAAIB&google_gid=CAESEOuojBYDzY2OUdTXdcN1Lh8&google_cver=1&google_push=AQvitUKI2s8RAQC_4GdHOCdTuVNFQ84zXiUDm4OKhv7TTsci0a3uZjT-H6gquN0CrzOWMJUjd8KE67KPnIGGbTSZ59BtXcWS8nA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YFc1uMvMMkzTuBl4pclu1AAABIQAAAIB&google_gid=CAESEOuojBYDzY2OUdTXdcN1Lh8&google_cver=1&google_push=AQvitUKI2s8RAQC_4GdHOCdTuVNFQ84zXiUDm4OKhv7TTsci0a3uZjT-H6gquN0CrzOWMJUjd8KE67KPnIGGbTSZ59BtXcWS8nA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
459
Expires
Sun, 21 Mar 2021 12:02:04 GMT
pixel
cm.g.doubleclick.net/ Frame 69C0
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKxM627bUhQk4cW5u3Mwcmw&google_cver=1&google_push=AQvitUKNZt063DQFexYMYQ6gNNJ42FADWx7-swFaJDVxA0sbmIaAvPEVH_qh_GCLa5yNh2kuegP_9g7lITpHHfF0c7HFwFg5og
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AQvitUKNZt063DQFexYMYQ6gNNJ42FADWx7-swFaJDVxA0sbmIaAvPEVH_qh_GCLa5yNh2kuegP_9g7lITpHHfF0c7HFwFg5og&google...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2Mzc3Njc4OTc0Mjk3NDkwMDQ%3D&google_push=AQvitUKNZt063DQFexYMYQ6gNNJ42FADWx7-swFaJDVxA0sbmIaAvPEVH_qh_G...
170 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2Mzc3Njc4OTc0Mjk3NDkwMDQ%3D&google_push=AQvitUKNZt063DQFexYMYQ6gNNJ42FADWx7-swFaJDVxA0sbmIaAvPEVH_qh_GCLa5yNh2kuegP_9g7lITpHHfF0c7HFwFg5og
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2Mzc3Njc4OTc0Mjk3NDkwMDQ%3D&google_push=AQvitUKNZt063DQFexYMYQ6gNNJ42FADWx7-swFaJDVxA0sbmIaAvPEVH_qh_GCLa5yNh2kuegP_9g7lITpHHfF0c7HFwFg5og
date
Sun, 21 Mar 2021 12:02:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 69C0 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LMNYkqOLxgOg2nzHWKafqwJ0bYTMYRRvwLY1AeZqyqgKTpPSsHzvnLCqDfu3pnYyq13MdM
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c48ef7892fae321ab52273fa503aff2fed65b1e18c6fe03acba522a0850ea104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
1525
date
Sat, 20 Mar 2021 15:19:53 GMT
expires
Sun, 21 Mar 2021 15:19:53 GMT
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
74527
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame FE9C 		0
60 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9F64R5Iu-rXErd7nzPOQnSF6bRUZxeoZwN8Ml8_hrZ2awcsbGcIHI_iL6W6cbY0cxJWnEFfxFd5pnBAgYv-qIVSkHUZAWb0B5vlUcvbxWNeTTykIhGx7k3UGXpuLtczAwbDZLA7MjQROos3dStMqXZbpwDTJNZm0CwrBT71LJv_NhfKckXav0y8UobBYcO2poucD71m5lr3CvhQ&sig=Cg0ArKJSzKsOkvZ0NN_WEAE&urlfix=1&omid=0&rm=1&ctpt=127&cbvp=1&cstd=124&cisv=r20210316.87507&adurl=
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
pagead2.googlesyndication.com/bg/ Frame 5905 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 19:53:27 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
58113
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5666
x-xss-protection
0
expires
Sun, 20 Mar 2022 19:53:27 GMT
main.js
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/main.js
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1590
x-xss-protection
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 7E0D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKnkpb6EDXAlOMTcvotdF8Q&google_cver=1&google_push=AQvitUKBvi2r1TikAWOjYulJjGbw2ggsY1eJ_9TGX_iQFAeW4zuFeYkTx-zT1azgZaDJA1_ejarb97bor2X198Ci...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKBvi2r1TikAWOjYulJjGbw2ggsY1eJ_9TGX_iQFAeW4zuFeYkTx-zT1azgZaDJA1_ejarb97bor2X198Ci22yzZeVm7w
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKBvi2r1TikAWOjYulJjGbw2ggsY1eJ_9TGX_iQFAeW4zuFeYkTx-zT1azgZaDJA1_ejarb97bor2X198Ci22yzZeVm7w
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 21 Mar 2021 12:02:53 GMT
Server
MT3 3611 f10363c master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKBvi2r1TikAWOjYulJjGbw2ggsY1eJ_9TGX_iQFAeW4zuFeYkTx-zT1azgZaDJA1_ejarb97bor2X198Ci22yzZeVm7w
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 21 Mar 2021 12:02:52 GMT
google
match.adsrvr.org/track/cmf/ Frame 7E0D 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESELfBUZw3sRQ-ZE5MjG8xZ9c&google_cver=1&google_push=AQvitUKgbnti4eoNQKpPKBHHt7Y871RoB9fLsC44d3JNZT1IcIfLKgW_jDfjQyYRemmDVOXmptOhsVeTp0HmXPZ1ezHT-xIBerk
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.43.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7E0D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJzu941s5EWVyFaLOa7PxHc&google_cver=1&google_push=AQvitUK6hUxY7rO8UN-OINm3YyQA19nid44giD20gC7XEE76tGJxnlHq8Ux5cr85pTafZKv8HFpTVzD...
  • https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUK6hUxY7rO8UN-OINm3YyQA19nid44giD20gC7XEE76tGJxnlHq8Ux5cr85pTafZKv8HFpTVzDiFmgYVROmm5ntxsaxM34&google_sc&google...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUK6hUxY7rO8UN-OINm3YyQA19nid44giD20gC7XEE76tGJxnlHq8Ux5cr85pTafZKv8HFpTVzDiFmgYVROmm5ntxsaxM34&google_sc&google_hm=EBAQEA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:00 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_ula=1293153&google_nid=ssc&google_push=AQvitUK6hUxY7rO8UN-OINm3YyQA19nid44giD20gC7XEE76tGJxnlHq8Ux5cr85pTafZKv8HFpTVzDiFmgYVROmm5ntxsaxM34&google_sc&google_hm=EBAQEA
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 7E0D
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJcPYXOk_gGAeJOdONVZGmI&google_cver=1&google_push=AQvitUJalgPXCVFxoMgeJe1geE1TeTCJPWKPS_U4ObW0abXfdy9tHK7Ccqo8Op5klr3b7qGmQrDsGQzzgA24ojFe...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NVAh1VqFQBudmRvT-CGnrQ2&google_push=AQvitUJalgPXCVFxoMgeJe1geE1TeTCJPWKPS_U4ObW0abXfdy9tHK7Ccqo8Op5klr3b7qGmQrDsGQzzgA24ojFe5fiax6w7lbA
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NVAh1VqFQBudmRvT-CGnrQ2&google_push=AQvitUJalgPXCVFxoMgeJe1geE1TeTCJPWKPS_U4ObW0abXfdy9tHK7Ccqo8Op5klr3b7qGmQrDsGQzzgA24ojFe5fiax6w7lbA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 21 Mar 2021 12:02:06 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=NVAh1VqFQBudmRvT-CGnrQ2&google_push=AQvitUJalgPXCVFxoMgeJe1geE1TeTCJPWKPS_U4ObW0abXfdy9tHK7Ccqo8Op5klr3b7qGmQrDsGQzzgA24ojFe5fiax6w7lbA
x-host
tde-deliveryengine-production-6fcb7cb86-n4nlv
alt-svc
clear
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7E0D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEL8RKoyyCEKuT3aHfWbJ14E&google_cver=1&google_push=AQvitUID8CawvHK9ZtGNaO-FXx5-JB7kEn244hwg0QF4Ojmtk3V3exyiiFAM-tmoQ7UIzd-zX-B_W3ARIGP6dQKYuuRB...
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_user_id=c3ce442b-1b44-4174-b7a9-6d407f054e0d
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_user_id=c3ce442b-1b44-4174-b7a9-6d407f054e0d
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=b459f23a-2f4d-4c84-b103-92f0f32d7314&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUID8CawvHK9ZtGNaO-FXx5-JB7kEn244hwg0QF4Ojmtk3V3exyiiFAM-tmoQ7UIzd-zX-B_W3ARIGP6dQKYuuRBkWW75kA&google_hm=w85EKxtEQXS3qW1AfwVODQ==
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUID8CawvHK9ZtGNaO-FXx5-JB7kEn244hwg0QF4Ojmtk3V3exyiiFAM-tmoQ7UIzd-zX-B_W3ARIGP6dQKYuuRBkWW75kA&google_hm=w85EKxtEQXS3qW1AfwVODQ==
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AQvitUID8CawvHK9ZtGNaO-FXx5-JB7kEn244hwg0QF4Ojmtk3V3exyiiFAM-tmoQ7UIzd-zX-B_W3ARIGP6dQKYuuRBkWW75kA&google_hm=w85EKxtEQXS3qW1AfwVODQ==
date
Sun, 21 Mar 2021 12:02:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 7E0D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBi2I82MHNAtj5ksTX5x5Nw&google_cver=1&google_push=AQvitUJp-1oeuN50HyDykUXJ-RKZdTJT4VXzgixqR_eWH3O92MzBgc4ryfjnX2HYLsmsUMXWYfM...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01KNDEyM1gtUi0xWE5E&google_push=AQvitUJp-1oeuN50HyDykUXJ-RKZdTJT4VXzgixqR_eWH3O92MzBgc4ryfjnX2HYLsmsUMXWYfMS2iLMalt5QH-5yG537OKuvbs
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01KNDEyM1gtUi0xWE5E&google_push=AQvitUJp-1oeuN50HyDykUXJ-RKZdTJT4VXzgixqR_eWH3O92MzBgc4ryfjnX2HYLsmsUMXWYfMS2iLMalt5QH-5yG537OKuvbs
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01KNDEyM1gtUi0xWE5E&google_push=AQvitUJp-1oeuN50HyDykUXJ-RKZdTJT4VXzgixqR_eWH3O92MzBgc4ryfjnX2HYLsmsUMXWYfMS2iLMalt5QH-5yG537OKuvbs
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7E0D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
  • https://sync.targeting.unrulymedia.com/csync/RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAQvitUKPC5CmzfuyhYpYRstCz...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUKPC5CmzfuyhYpYRstCzrVhFyu9gej4AGmXPEJeJ4cJdmHPR4JH57wYDzQHxTYdUNqx3lit8ElMrXi6qNCv6MLDAcofyvA&google_hm=A6Z18eUfsUUkiVnVqzvFaCs
170 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUKPC5CmzfuyhYpYRstCzrVhFyu9gej4AGmXPEJeJ4cJdmHPR4JH57wYDzQHxTYdUNqx3lit8ElMrXi6qNCv6MLDAcofyvA&google_hm=A6Z18eUfsUUkiVnVqzvFaCs
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 21 Mar 2021 12:02:04 GMT
Server
Tengine
ETag
RXa675f1e51fb145248959d5ab3bc5682b003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUKPC5CmzfuyhYpYRstCzrVhFyu9gej4AGmXPEJeJ4cJdmHPR4JH57wYDzQHxTYdUNqx3lit8ElMrXi6qNCv6MLDAcofyvA&google_hm=A6Z18eUfsUUkiVnVqzvFaCs
Connection
keep-alive
Content-Type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 7E0D 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IjgoY00FDzVCxlrykNv_aeiXsWqv8unpsLQiVyy360Xs6FXsTOvoll_FkgHXzP9hSvvp2q
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
pagead2.googlesyndication.com/bg/ Frame BC52 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 19:53:27 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
58113
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5666
x-xss-protection
0
expires
Sun, 20 Mar 2022 19:53:27 GMT
qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
pagead2.googlesyndication.com/bg/ Frame 6452 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 19:53:27 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
58113
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5666
x-xss-protection
0
expires
Sun, 20 Mar 2022 19:53:27 GMT
qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
pagead2.googlesyndication.com/bg/ Frame B59C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 19:53:27 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
58113
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5666
x-xss-protection
0
expires
Sun, 20 Mar 2022 19:53:27 GMT
style.css
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		1 KB
598 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
051025522b6efc405929fb00ccf5e7bf3fc5d38cf56cf38f51d0ffa896938376
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 20:19:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56537
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
511
x-xss-protection
0
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 21 Mar 2021 20:19:43 GMT
main.js
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		2 KB
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
013155683600f0d286333f6e450a1583f30ad2aabc884df3386932a53de9804c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 15:19:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74527
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 21 Mar 2021 15:19:53 GMT
tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8B7D 		110 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.1_92cf05aba6ca4ea5cbc62b5a7cb924e3_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37930
x-xss-protection
0
last-modified
Tue, 20 Jun 2017 21:14:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Mar 2021 12:02:00 GMT
back3.jpg
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/back3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f16b6f2446d8033654e9a08cde0b506d305976ad691b07d997e8b5524f701b1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 17:14:46 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
age
67635
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70086
x-xss-protection
0
expires
Sun, 21 Mar 2021 17:14:46 GMT
text3.png
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/text3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db399886c635ebbfa97d2eae22892462958aa92977cc5399ac6f23e379fef659
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 17:14:46 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
age
67635
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8506
x-xss-protection
0
expires
Sun, 21 Mar 2021 17:14:46 GMT
text3a.png
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		844 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/text3a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0886ad4e02a958c119d183ad3130a3b76e5019426388640b420d58563de08c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 17:14:46 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
age
67635
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
844
x-xss-protection
0
expires
Sun, 21 Mar 2021 17:14:46 GMT
text3b.png
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		869 B
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/text3b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de1a96d073ef88b7bb7ad36228ba75ecd0a9fa573b477ef6339ada437cfabf91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 16:49:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
age
69154
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
869
x-xss-protection
0
expires
Sun, 21 Mar 2021 16:49:27 GMT
text3c.png
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/text3c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fe20f95e6eafcb276f426a630c8be4930f840428eb0a9ccdb9b979fe2ab8b0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 16:49:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
age
69154
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1043
x-xss-protection
0
expires
Sun, 21 Mar 2021 16:49:27 GMT
ml.png
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		513 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ml.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c507d4f136f4f8f4be277f9b03c9cc81f8d9ea2db9d17a93e1354703021c6183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 16:49:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
age
69154
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
513
x-xss-protection
0
expires
Sun, 21 Mar 2021 16:49:27 GMT
text4.png
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/text4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d85680431f6b18d6f462d4fd0166441cb06c35351adebeeb2b663fa91859487f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 16:49:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
age
69154
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1672
x-xss-protection
0
expires
Sun, 21 Mar 2021 16:49:27 GMT
text4b.png
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/text4b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4b3f86a3cf1366a27fbaf08dedf0eda453e86094cf2071f4fed15c866afc870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 16:49:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
age
69154
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
expires
Sun, 21 Mar 2021 16:49:27 GMT
cta.png
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/cta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39c1fc98599a6003d039bd133e2bef6837dba8cd2105bbca50bc7753523e2727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 08:25:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
age
12963
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6258
x-xss-protection
0
expires
Mon, 22 Mar 2021 08:25:58 GMT
nissan_black.png
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/nissan_black.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbfc676ffc58261e482dfc6072f65837e6414cd871e21046bcf9625dd770a20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 16:49:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
age
69154
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1545
x-xss-protection
0
expires
Sun, 21 Mar 2021 16:49:27 GMT
back2.jpg
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/back2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ade8431495c374af2d6164cd2e020a9e6363ec0d9ccf5557c75b09dd88ec2c67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 20:08:30 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
age
57211
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83172
x-xss-protection
0
expires
Sun, 21 Mar 2021 20:08:30 GMT
text2.png
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		798 B
826 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/text2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bba7e1e38dfcc2787ad5e4958a3c8d4cb556c1c58462d24ddab7d9d9e1ef84ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 16:49:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
age
69154
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
798
x-xss-protection
0
expires
Sun, 21 Mar 2021 16:49:27 GMT
text2b.png
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/text2b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
205c0957c7659e11e8922b1897eb462bc05384d34ecc6d4d2750c55fb49d42ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 16:49:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
age
69154
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1308
x-xss-protection
0
expires
Sun, 21 Mar 2021 16:49:27 GMT
nissan_white.png
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/nissan_white.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ea6b8f377d11a2df7a9e07d4e81cf9af1b00fcebef57f838ba3e40c4e7cd8cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 16:49:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
age
69154
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1562
x-xss-protection
0
expires
Sun, 21 Mar 2021 16:49:27 GMT
back1.jpg
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/back1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c85766d7829d100be7b0101187341d5402c983ec04c8dbbd9629c37f6f5497b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 16:49:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
age
69154
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57949
x-xss-protection
0
expires
Sun, 21 Mar 2021 16:49:27 GMT
text1.png
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		642 B
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/text1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67285ce4e1875aad5c46db74e433565d15221806b24ca2a24a219e202b5e19e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 16:49:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
age
69154
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
642
x-xss-protection
0
expires
Sun, 21 Mar 2021 16:49:27 GMT
logo.png
s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/ Frame 8B7D 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
150ac46705ccaf733372fa01a038ca6ed5ea2b763bea0a7e462e02841c6bfe16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9929072/1608291522139/JUKE_CONFIGUREZ_300x600_02/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 16:49:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 11:38:42 GMT
server
sffe
age
69154
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9518
x-xss-protection
0
expires
Sun, 21 Mar 2021 16:49:27 GMT
nissan_white.png
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/nissan_white.png
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44bfeb6f3e9384c527c6e9b5a3761b341cacddebbb4f59d7af3d4347cc890795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:01 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1599
x-xss-protection
0
content-type
text/html; charset=UTF-8
back1.jpg
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C630 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/back1.jpg
Requested by
Host: 4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL: https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14ed5d0f091e1f7c4dfd96ae727834123d840dd35a6c9910c78a1f46e4aa41ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:01 GMT
x-content-type-options
nosniff
server
sffe
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1592
x-xss-protection
0
content-type
text/html; charset=UTF-8
view
googleads4.g.doubleclick.net/pcs/ Frame FE9C 		0
515 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9F64R5Iu-rXErd7nzPOQnSF6bRUZxeoZwN8Ml8_hrZ2awcsbGcIHI_iL6W6cbY0cxJWnEFfxFd5pnBAgYv-qIVSkHUZAWb0B5vlUcvbxWNeTTykIhGx7k3UGXpuLtczAwbDZLA7MjQROos3dStMqXZbpwDTJNZm0CwrBT71LJv_NhfKckXav0y8UobBYcO2poucD71m5lr3CvhQ&sig=Cg0ArKJSzKsOkvZ0NN_WEAE&urlfix=1&omid=0&rm=1&ctpt=396&vt=11&dtpt=269&dett=3&cstd=124&cisv=r20210316.87507&adurl=
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 21 Mar 2021 12:02:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5905 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bq1icuDVXYMHrH8ny-gb55YK4CgAAAAA4AeAEAg&bg=!X1ylXBjNAAbUo7L91KM7ACkAdvg8Wql1sWuzwnx308ros1t30KC7PCHlCwSiIqMKNtIcM_0OXdfAHgIAAAEDUgAAACloAQcKAD3onS7ziBjcM3HenOLSezDbpun7OkiWYvH0GOgiugdf41YGKBrzDXtJbxp7WeFhhHMQ0CnQLICkh_Usaw49mQJiyLyBbwsISFIK-hZX49i-3n38lkJ6HcyZ0IyRCxAbMf8cBe6Zo0Xe-FnaCgLw_eMgTcnZqKrqmg23vmF9NuQMheuC6ZpRtWXGN0gnDYLeq1Ew8tX9MfSjrGdkQYGQJ0BvtUiVGREo5AF-YdaTg2MSXDelaSiQjCcPrjbcUrR96s7eqn0WKjBhJUbYKDcKXdzqSO0FIiOgN14A0oRciOyM9UXJ6fO9ux68ssjw2ekBr2JkPw4ExmDFFZmTkdrj_kilTicm3USPd6kuSROAiizdooynJITjgNQeVEYlrimOBewxAcvR4MK7Jf20V2287JWVV6IZP8hVhRJ2gDEd2RPw_3_dYtA5q7tZ_l_-5wVz7-vMOeKe8pVJLGmFPJsYOroXTGilRtVbqCym03kdjYvHKAcpPDxX_0VoZSCmvMVD0-BLX4gyhIS56cZ1aPcPcadvk9G8qC5qL9u6D_-XqPBG_Q6D5ozoqG00YJPd1sQBB5qQQjmWCbru1LOZsOUL8Ezntw9-fmjhbMXDbjJmhPwblweNvRKs2rQVxTrppGqR3nNDmODTW1Nnl5nR0Q9b0nSnkcBIUS1S1hKnt_eGaSo68X_it0OlHw-M7hUnGGrLELRcHag9ma9gE-dfld5gObbLL1AkHJ6dufHrxiex_svZEUOISjE0WgpyDmD59UPJs_CfkNGLQaFcxh05v7Zjwa6lAq1a2mNxaThxhWc7LF1WScAscG_Jxu8d8j625l_WY2e9XQodpY5yJ1dxM_BzseOKXuKAUEajwmCKZaSqofGOq3KwOTE1qV1_A0fpXB1A9mYIMw
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC52 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BV5tsuDVXYKfgJcH47gPp-JeIDQAAAAA4AeAEAg&bg=!5eal5qLNAAbUo7L91KM7ACkAdvg8WljG8t0pVzrqojvPwP0eJCPCmhj6ygETqXJF-3K-bQlLzkcjjwIAAAD6UgAAABVoAQcKAH5Er6n74rCy6qa5ThoL0MrPwC0FJC72JljNnrJxAaVVhyWAwBxHNezF76l_ATiBYkXMJrsBBMB38F752B4PH6po4k5TRa8E1WgdRPlBZSeDKehixg9333XYIzuaA6lvQsKbB0616Avzx9Vg7FJYY63lsT04NAMcyPJRf5h8GROZAm2PThChwoU02pLNjhiu7gC7zRo81t0Xrr0cMsVarmXiNSGfFb7srroNKxMr0tudKBoz6-22DG62q3C3-nwkWS5ZSF-EH7PFu3HUU9viyLl7WAYyJwjfZcmKnnyAk4kmXZf7g9EZHuH-1i-ix6x97m9OuWvlRD2S0TUjVu4eNXmaYhgwqZdxdt8Mus-FG3T6s5h3EwXXLWh5GccXj4H5zI_wKla8V2FUzvAGnu6oRqtzvBzgdjrAp8GruG14aeFRI9ijTWDjKhUxAmXe0lFI0C61qsSIRl9G5sHdX1clJjIMpB7tL5Ttzpz_uO6yR1BlvYNKti2HG7k5WMBzWNA38dsKAPlJ4PwS0mPK_67g_Wf_wejHTSTc7xQI7oMe7OQa2ExMlD8JTLJlh8LEb1V6JOuH8tpU9o6W1pmhfze-OsZs848Raad0imMIzFyeU5H-UXSTV64QpJ_v4NXwiPuTqG_vX1I9xuVGJ3_DpBxWKGrbGQ6iimLBLSgNT2QbBjuFbnPAvhNmFCvGcP6UyssOaDUoipWrySESbBn_Y5nxsAHguMjFpmuPTQ1-uu7GwrNqM9eruuJd8t4km5pYEGa3BnYXKLKhs3AsbUiqNiQ_YMCoFOL52NMYK4CZxSVr8EypCZyYFrK5StKGCZ-3iSEQffdHn2Cb6tTCSJ8QnFUz2LuKm8SPP5IYRN-egK3ngia3HhiM4fAEYK8fJ7dNlzwdSao24-BplG3SF3_dtOwfEiVzGEnaWoyWLNGgK2jG6Ddff8EGJ4efH4p-mSMFz7StNS5vWbDhRdfKdyHRortYZkOQjjFrzoJ9IHBLeKK2rfU
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6452 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bau-fuDVXYIjqI_2H7_UPtaKjyAwAAAAAOAHgBAI&bg=!h4SlhMDNAAbUo7L91KM7ACkAdvg8WqJhQ3rctnxoTLAqdfAMIe3amZDJO_XKJdmgt_sOYsHXEUzeIAIAAAEBUgAAAA9oAQeZAmSkMO5OT9okKvGEG0OcVsssUoc-7vstBc7TpN-H-qndCGWQHN5YKPc-MA8MvdFKgHjPOKq5GT_PvejkRXJlc3OlXew_S04DzK3mxKs8Jd1i4IKk90u6ATjzcKf9fmLSUbY23UAWwzUV2DL0KPlZ6MipA-axlpagq-DYrDtVq8KoOwNd2Z5r84fUeF-1XyiLxoXpkuzVSVRLU5sEMbk_s5G6103aOghmdI0ffhpWn8oVPVsHYK4fRzgE4kjZHuXxmZrxSE1nQhPHgbQXcWk5Tqs2ppH2QgIJDty_ckdRNWrFAEpevBnckFUJDeAk8TciydBRmITdw60crWcNyrCFs2DL281eEhMgH7h4ToiGhZuMAo3I-UYGVltLhbONsAZmLG9aIS15WAVBLKtYwHHH-hIwgckQoaa1yAJtq5m5EtSSBvNBoXcrNaoVDTDBsVffo1QqgPBVWaW07lMsa04t5wDCaz8D4EAgtYAoFf5cAeQRcpAyGI9eN7cEXVjTdMnebhOEESb5iq2hSe-_s98ZO_RT9ZH0IWbKpz1Kz6iXNXQv21MCHSuNlDgzy0J_FDrvzaiSvAZxPlqIyXy9ff2XmnUYuV8WHfVcBPv4Q7NCMOT6_siKTbsn7Jx7lRYLaouli1P1YBgP-qtGgqJjRflvLubazI0huymBlyCy7uUOuQkX-2YuzrsozQGc_OR6_QBfb9BK9IG7uL0bjaf5g18F1WmaIAq6RpZAkTPCPtVJU5TyArgNKaKpEnwIh2z-tFixc8GvnsU8QW6ErOawSUHZWFxHfGZ6TmQDyoxSBGnOZc68UshGmOE
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B59C 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpP6BuDVXYIjMJtGCgQel_a2ICQAAAAA4AeAEAg&bg=!a2ilaCzNAAbUo7L91KM7ACkAdvg8WsXPUrt8X_V3b-NgPIpZ5_t_2vZUHsdXsGjvhSmM08NkfvtC7AIAAADpUgAAAA9oAQcKASXEXGtPQ8JO2pY-IRpVOAzJXszmYjNQm8UCXE3ZIeR-tLMBZpwtBLo7mtNUUYNG6nmDOMBka4xKWHGTIMMZOWdW558cx5LerzruQBaYbdV3bmgZxuqhMLZ_IJfePIAfF8VIuOINZDdg63OljcnvkSCT6LVh8_MK7yaTeexkJ82m4vDXRAeJPoNMcxupYEN2161KQu11IuaLGuLN36zzGg3GkK_67ECo96fy_lweOTWeBsnC6dWpTG8vm87kMPW27oEnwHcPJjTxaf0yS6yMdkDtGDgHoPhZ-tB4TEa_HZMSYsZoAQ-G7IH5w64foNwSmsvr2zlizIwkGEcEtXgWbQEGjfyeRgivOW-opmQe-XgdqhbMk9X3Th8qqxY2c4ZiItnD_uqqSJkCbFnU4Cin6SpUayP8UZcQvBWOlLnn9NWL6Kl3acoat3Mqvp23K9oSQ3Wbsa7_4Nv9-xLNtJWIHpcPi7spb8puqutEJdWMjE_ZIABFGh9erO5E3622YbJX5S-MtNPE_VmpniQJMalyDuqi-1Fjg0Bl7UYgmwpF-xTIapkg1O8EnPqW1KUuc6WPCqKUrlJlO1yTJx3piSM2dBHSX5PKYNbcVT6L0AXrH0oAHy1OdegjgJBBqAweUDfYCIC6pNSPR_sepesNCry3VdaEjpbzhWkS47qU997xPVrES6ZrB6BeICmJY_kEYtiimHhY5WPbEpMpDeD5wVJJcm5rgv7-eLDZ2U4dvV0nSd4NIn0vFjIHvl3a4pi237wR0ztOgs-3JQgm1qCSf33S2ZbvuKlui3z2my1JPZrRLBMQwM8UtYbYo1GicCD24Er2P1tIPtOtHxR_vCyt2AhcxoJtBE4qzofIe8wVx4bDZ6JyO-O1BYH7c6FueEAYx-p18QC7JE1XSh5GYk5pY2t3O9pUS2B-DfsufmHCyPkVA3Jw35xHIxWNK0WIfVfHwxjndTET9klu6EqJLlxp3jJFUEW6XFU6hatw7wBYFz3tVUOG578ZyJ46opRpnqkGfeG2SYsfhSMQhgJDZnRU7Mw9N65v0YskAXb5RCkvGh_EVcUwYEOe5jdwjzrZzli6wd6WJR_7G-5ekRIFFp3moLsvDUfPRWtEfTkqmWBugg-pBMduaglMjbatKexLx9NNxNl_Ql_iolFAxCYYg1oHR6RhrSLnjXriz_U2QluxUtxEcqJWfwACi0Caf4foEFalDicOdBy3VfHK
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7D04 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupKtoXJdo_ysQ6WDV5R_qfIDHBK4hJSloOIsI6QYD-nR3Yx8P0pN6ggguahYak38v04ZH0Joold-c1DUFVglqcqU322fl_6jcLEXJbpudoLY2dWW1GyvtSYuclzg&sai=AMfl-YQ0a5B3Xt_o6rzTEIumEPmNoZbK5EP_iDyQS-7rFYqMiJfHw39Zl58JW3v4M1r7Pi7dy-Wc1al-uwvvtK8-kKJpVapyiqo4vPUemqAHh6YlY7qSUXdxatv4QkgF&sig=Cg0ArKJSzDCV58mJUL31EAE&cid=CAASF-RoYp-2Lds-1ol16BwK9y6LO0fUT907&id=ampim&o=315,0&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,0,1002,1002&tos=0,0,0,1002,0&tfs=218&tls=1220&g=100&h=100&tt=1220&r=v&avms=ampa&adk=245896284
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.clarity.ms/cus/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/cus/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/cus/s/0.6.10/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::19 , United States, ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:02:01 GMT
access-control-allow-credentials
true
x-powered-by
ASP.NET
x-azure-ref
0uTVXYAAAAAA4MC36rotVS7Q/CL2WaSoRRlJBRURHRTEwMTgANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context
appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695
activeview
pagead2.googlesyndication.com/pcs/ Frame FE9C 		42 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMLjCPANzVZBe42oVQCxfJFjfvgDD1qtnT91wY9J4j_7BWH_PZ9MDdUhP7lkt1-o991J1Rcr4UvBbgAEDEM7h-zjd2YgX5jAN5SRQIE8TRCapjwrtd1mTdSgjbNA&sai=AMfl-YRyyIk17K-Rq06Ppva5EeLtEPyqLvosWOaKvKrLOc62_shFM8tkmdD23qMKRnapKRhOw5_7-lbGcLtCfWE9dwi5wHgJI3tNMb39OBjeU0zPwS6w4RejYM7zAajj&sig=Cg0ArKJSzPj2m7gCfZIuEAE&cid=CAASEuRo5otRO1kKPJAzWTKwfhlgsA&id=osdim&mcvt=1000&p=776,1314,816,1355&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2483261273&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1616328120422&dlt=13&rpt=0&isd=0&msd=0&r=v&uup=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FE9C 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJ0QTrHhHa5bCJ9L4Q0RtaSZAyB1Zwd9XF60NOmW2qdA8tsBIri0pgYsVE5S5dZX7tG-bNAmKM-tl8SmPghj0&sig=Cg0ArKJSzIM-8zzUfSyVEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&app=0&itpl=34&adk=0&rs=6&met=mue&la=0&cr=0&vs=4&r=v&uup=0
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame D69D 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156512&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Sun, 21 Mar 2021 12:02:01 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
sync
pixel.advertising.com/ups/55953/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://pixel.advertising.com/ups/55953/sync?uid=2144b0f9-7384-4fe3-957b-c09e28dafef7&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=2144b0f9-7384-4fe3-957b-c09e28dafef7
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55953/sync?uid=2144b0f9-7384-4fe3-957b-c09e28dafef7&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=2144b0f9-7384-4fe3-957b-c09e28dafef7
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:03 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.advertising.com/ups/55953/sync?uid=2144b0f9-7384-4fe3-957b-c09e28dafef7&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=2144b0f9-7384-4fe3-957b-c09e28dafef7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
369
%7Bcombo_uid%7D
pr-bh.ybp.yahoo.com/sync/adaptv_ortb/ 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/adaptv_ortb/%7Bcombo_uid%7D
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEPxKdKGWD4CUnqZekajQreU&google_cver=1
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEPxKdKGWD4CUnqZekajQreU&google_cver=1&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPxKdKGWD4CUnqZekajQreU&google_cver=1&apid=UP3fc18f68-8a3d-11eb-a2a1-028ea906965a
0
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPxKdKGWD4CUnqZekajQreU&google_cver=1&apid=UP3fc18f68-8a3d-11eb-a2a1-028ea906965a
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:03 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEPxKdKGWD4CUnqZekajQreU&google_cver=1&apid=UP3fc18f68-8a3d-11eb-a2a1-028ea906965a
date
Sun, 21 Mar 2021 12:02:03 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=YFc1uwAAALpTPjoG&_origin=0&gdpr=0&gdpr_consent=&_test=YFc1uwAAALpTPjoG
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YFc1uwAAALpTPjoG&_origin=0&gdpr=0&gdpr_consent=&_test=YFc1uwAAALpTPjoG&apid=UP3fc18f68-8a3d-11eb-a2a1-028ea906965a
0
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YFc1uwAAALpTPjoG&_origin=0&gdpr=0&gdpr_consent=&_test=YFc1uwAAALpTPjoG&apid=UP3fc18f68-8a3d-11eb-a2a1-028ea906965a
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:03 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YFc1uwAAALpTPjoG&_origin=0&gdpr=0&gdpr_consent=&_test=YFc1uwAAALpTPjoG&apid=UP3fc18f68-8a3d-11eb-a2a1-028ea906965a
date
Sun, 21 Mar 2021 12:02:03 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 2259 		995 B
877 B 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-185.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://crooksandliars.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=2417220075358525530; anj=dTM7k!M4/8Erk#WF']wIg2In@l@RdC!A#Ep.CK$wNya!tNya%e!@Ef-$zlr+; icu=ChgIypNSEAoYASABKAEwtuvcggY4AUABSAEKGAijvFwQChgBIAEoATC469yCBjgBQAFIARC469yCBhgB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Mon, 21 Mar 2022 12:02:04 GMT
Date
Sun, 21 Mar 2021 12:02:04 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 167A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://crooksandliars.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sun, 21 Mar 2021 12:02:04 GMT
Content-Length
1151
Connection
keep-alive
iframe
mantodea.mantisadnetwork.com/prebid/ Frame 5372 		332 B
570 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-60&buster=1616328118238&secure=true&version=9&mobile=false&title=Progressive%20news%20and%20media%20coverage%20on%20Crooks%20and%20Liars&url=https%3A%2F%2Fcrooksandliars.com%2F
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.61.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
c1e4e9ef2b4636c9e35320960b211ad3f8892bba03b6699c40fde89c0a53e697

Request headers

:method
GET
:authority
mantodea.mantisadnetwork.com
:scheme
https
:path
/prebid/iframe?tz=-60&buster=1616328118238&secure=true&version=9&mobile=false&title=Progressive%20news%20and%20media%20coverage%20on%20Crooks%20and%20Liars&url=https%3A%2F%2Fcrooksandliars.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://crooksandliars.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

date
Sun, 21 Mar 2021 12:02:03 GMT
content-type
text/html; charset=utf-8
content-length
332
x-powered-by
Express
vary
Origin
access-control-allow-credentials
true
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
-1
etag
W/"14c-C2ywdGTXd8AIyn5nhjQeXCrhL2k"
index.html
cdn.districtm.io/ids/ Frame F239 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://crooksandliars.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

date
Sun, 21 Mar 2021 12:02:03 GMT
set-cookie
__cfduid=dbff4a2e759f7aa5e99b3580921383f2a1616328123; expires=Tue, 20-Apr-21 12:02:03 GMT; path=/; domain=.districtm.io; HttpOnly; SameSite=Lax
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
cf-request-id
08f642fc130000a891dfabb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
633707735d53a891-CDG
Cookie set check.html
biddr.brealtime.com/ Frame 8E36 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://crooksandliars.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

Date
Sun, 21 Mar 2021 12:02:04 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d2a8d9bc0124e730a0f96696e4d477f3a1616328124; expires=Tue, 20-Apr-21 12:02:04 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
F3Cx2Ql2kh1/kNe0XXuHQPi5qmtD2acOwqIVnKgs19LLCao1mhzjOw9CJRCcUeEsLREotcLCpGY=
x-amz-request-id
C4756C602B5CAED9
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
6225
Expires
Sun, 21 Mar 2021 12:03:04 GMT
Cache-Control
public, max-age=60
cf-request-id
08f643000600000843d0b56000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
63370779aed80843-CDG
Content-Encoding
gzip
collect
www.google-analytics.com/g/ 		0
46 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MBSB7S97P1&gtm=2oe3a0&_p=1393776533&sr=1600x1200&ul=en-us&cid=652369582.1616328118&_s=2&dl=https%3A%2F%2Fcrooksandliars.com%2F&dt=Progressive%20news%20and%20media%20coverage%20on%20Crooks%20and%20Liars&sid=1616328117&sct=1&seg=0&en=breakpoint-xlg-home&_et=533
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MBSB7S97P1&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ Frame 5372 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-60&buster=1616328118238&secure=true&version=9&mobile=false&title=Progressive%20news%20and%20media%20coverage%20on%20Crooks%20and%20Liars&url=https%3A%2F%2Fcrooksandliars.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:03 GMT
content-encoding
gzip
etag
"YoFsxqR3BwPygbSjh02Dug=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 28 Mar 2021 12:02:03 GMT
query
ecs.mantisadnetwork.com/sync/pixel/ Frame 5372
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
  • https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=2144b0f9-7384-4fe3-957b-c09e28dafef7
35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=2144b0f9-7384-4fe3-957b-c09e28dafef7
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-60&buster=1616328118238&secure=true&version=9&mobile=false&title=Progressive%20news%20and%20media%20coverage%20on%20Crooks%20and%20Liars&url=https%3A%2F%2Fcrooksandliars.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.61.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:03 GMT
x-powered-by
Express
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ecs.mantisadnetwork.com/sync/pixel/query?source=tradedesk&id=2144b0f9-7384-4fe3-957b-c09e28dafef7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
241
rules-p-8p-p7hkcWNjJm.js
rules.quantcount.com/ Frame 5372 		3 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-8p-p7hkcWNjJm.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:1c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 02:28:24 GMT
via
1.1 4678033b564719cfa85dd7af417223ab.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 20:14:17 GMT
server
AmazonS3
age
34438
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
Su0kabizmY3cJfbyE8Hndt4-Hya5_HDGGOJD6hiHcUfWcNW-XkFVgQ==
pixel;r=1228381194;labels=property.5c7dc3ee68958f00125bb54c;rf=0;a=p-8p-p7hkcWNjJm;url=https%3A%2F%2Fmantodea.mantisadnetwork.com%2Fprebid%2Fiframe%3Ftz%3D-60%26buster%3D1616328118238%26secure%3Dtr...
pixel.quantserve.com/ Frame 5372 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1228381194;labels=property.5c7dc3ee68958f00125bb54c;rf=0;a=p-8p-p7hkcWNjJm;url=https%3A%2F%2Fmantodea.mantisadnetwork.com%2Fprebid%2Fiframe%3Ftz%3D-60%26buster%3D1616328118238%26secure%3Dtrue%26version%3D9%26mobile%3Dfalse%26title%3DProgressive%2520news%2520and%2520media%2520coverage%2520on%2520Crooks%2520and%2520Liars%26url%3Dhttps%253A%252F%252Fcrooksandliars.com%252F;ref=https%3A%2F%2Fcrooksandliars.com%2F;uht=2;fpan=1;fpa=P0-1307333694-1616328123480;ns=1;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;d=mantodea.mantisadnetwork.com;je=0;sr=1600x1200x24;dst=1;et=1616328123480;tzo=-60;ogl=
Requested by
Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=-60&buster=1616328118238&secure=true&version=9&mobile=false&title=Progressive%20news%20and%20media%20coverage%20on%20Crooks%20and%20Liars&url=https%3A%2F%2Fcrooksandliars.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://mantodea.mantisadnetwork.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:03 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
getbid
rtb.avantisvideo.com/api/v1/auction/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/auction/getbid
Protocol
H2
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 21 Mar 2021 12:02:04 GMT
vary
Origin
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
getbid
rtb.avantisvideo.com/api/v1/auction/ 		11 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/auction/getbid
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Mar 2021 12:02:04 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-download-options
noopen
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
content-length
11
x-xss-protection
1; mode=block
3
rtb.avantisvideo.com/api/v1/usersync/setuid/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=$UID&suid=324217c6-f3e0-423a-94f7-66659c331ec1
  • https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=2417220075358525530&suid=324217c6-f3e0-423a-94f7-66659c331ec1
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=2417220075358525530&suid=324217c6-f3e0-423a-94f7-66659c331ec1
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:04 GMT
X-Proxy-Origin
217.138.207.148; 217.138.207.148; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.103:80
AN-X-Request-Uuid
69127ac4-e38b-44d1-b5e8-8af5fe0f818b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=2417220075358525530&suid=324217c6-f3e0-423a-94f7-66659c331ec1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
secure.adnxs.com/ Frame 2259 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:04 GMT
X-Proxy-Origin
217.138.207.148; 217.138.207.148; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.240:80
AN-X-Request-Uuid
6173c5b0-b724-4412-8020-2b772222986a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 5A1D 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5bffa6ca408fa13b4e8975cb53c23ad4ba0254e2eca7eccedcf27f9a51f9d908

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=1179; CMID=YFc1uMvMMkzTuBl4pclu1AAA; CMPRO=1156; CMRUM3=2d605735b92760CAESECxb1zMmn4VTjXonpQPHXv4; CMST=YFc1uGBXNbkA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|39|73|47|64|123|8
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1523
Expires
Sun, 21 Mar 2021 12:02:04 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:04 GMT
Connection
keep-alive
Set-Cookie
CMID=YFc1uMvMMkzTuBl4pclu1AAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 21 Mar 2022 12:02:04 GMT CMPS=1179;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 19 Jun 2021 12:02:04 GMT CMPRO=1156;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 19 Jun 2021 12:02:04 GMT CMST=YFc1uGBXNbwA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 22 Mar 2021 12:02:04 GMT CMRUM3=e6605735bc27600&f1605735bc05a00&49605735bc05a00&2f605735bc05a0&27605735bc0b40&7b605735bc05a00&08605735bc05a00&2d605735b92760CAESECxb1zMmn4VTjXonpQPHXv4&40605735bc05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 21 Mar 2022 12:02:04 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 5A1D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YFc1uMvMMkzTuBl4pclu1AAABIQAAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEOuojBYDzY2OUdTXdcN1Lh8&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEOuojBYDzY2OUdTXdcN1Lh8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sun, 21 Mar 2021 12:02:04 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEOuojBYDzY2OUdTXdcN1Lh8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5A1D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFc1uMvMMkzTuBl4pclu1AAABIQAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFc1uMvMMkzTuBl4pclu1AAABIQAAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFc1uMvMMkzTuBl4pclu1AAABIQAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:04 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:04 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YFc1uMvMMkzTuBl4pclu1AAABIQAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 5A1D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_dsp_id=70&gdpr=1&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=YFc1uMvMMkzTuBl4pclu1AAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.43.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
YFc1uMvMMkzTuBl4pclu1AAABIQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5A1D 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YFc1uMvMMkzTuBl4pclu1AAABIQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5A1D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=acwKyzfL1LnWMp5&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=acwKyzfL1LnWMp5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 21 Mar 2021 12:02:04 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:03 GMT
Server
PingMatch/v2.0.30-632-ga311aad#rel-ec2-master i-018eb1938ecb3107d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=acwKyzfL1LnWMp5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5A1D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1618920124
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1618920124
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 21 Mar 2021 12:02:04 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:04 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1618920124
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
rum
dsum-sec.casalemedia.com/ Frame 5A1D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=8ozwx93KQWBv0ujZVCpD59mKz5Q
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=8ozwx93KQWBv0ujZVCpD59mKz5Q
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:04 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 21 Mar 2021 12:02:04 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=8ozwx93KQWBv0ujZVCpD59mKz5Q
Date
Sun, 21 Mar 2021 12:02:04 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 5A1D
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=9307dc4f-9b23-4e16-bfa9-01bbb72589b6&expiration=1647864124
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=9307dc4f-9b23-4e16-bfa9-01bbb72589b6&expiration=1647864124
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:05 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 21 Mar 2021 12:02:05 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=9307dc4f-9b23-4e16-bfa9-01bbb72589b6&expiration=1647864124
date
Sun, 21 Mar 2021 12:02:04 GMT
server
Kestrel
content-length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5A1D 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YFc1uMvMMkzTuBl4pclu1AAA%261156
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://crooksandliars.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:04 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3480
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sun, 21 Mar 2021 13:00:04 GMT
sync
pre.ads.justpremium.com/v/1.0/t/ Frame 8AFE 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=agdgaz1616328118342
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.135.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9a26d75c5454f91bc18300607c0aded99edd665bdca5feaab82b469994d4543f

Request headers

:method
GET
:authority
pre.ads.justpremium.com
:scheme
https
:path
/v/1.0/t/sync?_c=agdgaz1616328118342
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://crooksandliars.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

date
Sun, 21 Mar 2021 12:02:04 GMT
content-type
text/html; charset=utf-8
cache-control
public, no-cache, no-store, must-revalidate
showad.js
ads.pubmatic.com/AdServer/js/ Frame D914 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://crooksandliars.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; pi=156512:2; KADUSERCOOKIE=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A; chkChromeAb67Sec=1; DPSync3=1617494400%3A226_221_201_227; SyncRTB3=1616889600%3A223_2_67_15%7C1617494400%3A78_88_5_3_166_204_55_230_71_22_21_161_165_7_81_220_13_54_189_176_222_56_8%7C1617580800%3A35%7C1617148800%3A63%7C1618876800%3A203; KRTBCOOKIE_57=22776-2417220075358525530; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEPCi-xcEQ6Bi0xiaXSDG9uE&KRTB&22987-CAESEPCi-xcEQ6Bi0xiaXSDG9uE&KRTB&23025-CAESEPCi-xcEQ6Bi0xiaXSDG9uE; KRTBCOOKIE_153=1923-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4&KRTB&19420-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4&KRTB&22979-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4; KRTBCOOKIE_107=1471-uid:acwKyzfL1LnWMp5; KRTBCOOKIE_22=14911-4154356464347799715; KRTBCOOKIE_27=16735-uid:99d46057-35b9-4200-a11f-847c226f05f9&KRTB&16736-uid:99d46057-35b9-4200-a11f-847c226f05f9&KRTB&23019-uid:99d46057-35b9-4200-a11f-847c226f05f9&KRTB&23114-uid:99d46057-35b9-4200-a11f-847c226f05f9; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_c7d34ffe-d990-480c-84c9-1e9018ccb095; SPugT=1616328121; KRTBCOOKIE_377=6810-2144b0f9-7384-4fe3-957b-c09e28dafef7&KRTB&22918-2144b0f9-7384-4fe3-957b-c09e28dafef7&KRTB&23031-2144b0f9-7384-4fe3-957b-c09e28dafef7; KRTBCOOKIE_218=22978-YFc1uwAAALEa_VLS&KRTB&23194-YFc1uwAAALEa_VLS&KRTB&23209-YFc1uwAAALEa_VLS&KRTB&23244-YFc1uwAAALEa_VLS; KRTBCOOKIE_466=16530-c3ce442b-1b44-4174-b7a9-6d407f054e0d; PugT=1616328124
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=55137
Expires
Mon, 22 Mar 2021 03:21:01 GMT
Date
Sun, 21 Mar 2021 12:02:04 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5627 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://crooksandliars.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KMJ4123X-R-1XND; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu3J56GbFHOusT2oB2HGEUTAXS+RTV6r8gI62G1ApUF7VZeOex0kzD72YK4xMsWvCP6IYwzAXu7xkBJ/OkD00vteYsduhMpCB4fw; ses2=; vis2=238568^1; audit=1|SDziDG3X/EiDwyX1CJjb2dna3loNM4GcGqqasbK4pIGY7dA5Tlr4IVaaLTqMTqugQpiuKe1Ic77gcRgjl6EitdYb/ZfPzBFUpmvllXEtYN4=; ses15=; vis15=238568^1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Mar 2021 12:02:05 GMT
Connection
keep-alive
Vary
Accept-Encoding
iframe
sync.teads.tv/ Frame 066C 		153 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A12%7D
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.9 /
Resource Hash
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/iframe?gdprIab=%7B%22status%22%3A12%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://crooksandliars.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

content-type
text/html; charset=UTF-8
server
akka-http/10.1.9
content-length
153
expires
Sun, 21 Mar 2021 12:02:04 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Sun, 21 Mar 2021 12:02:04 GMT
set-cookie
tt_bluekai=; Expires=Mon, 22 Mar 2021 12:02:04 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_exelate=; Expires=Mon, 22 Mar 2021 12:02:04 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_emetriq=; Expires=Mon, 22 Mar 2021 12:02:04 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_liveramp=; Expires=Mon, 22 Mar 2021 12:02:04 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_neustar=; Expires=Mon, 22 Mar 2021 12:02:04 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_salesforce=; Expires=Mon, 22 Mar 2021 12:02:04 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_dar=; Expires=Mon, 22 Mar 2021 12:02:04 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_skp=; Expires=Mon, 22 Mar 2021 12:02:04 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None tt_retargetly=; Expires=Mon, 22 Mar 2021 12:02:04 GMT; Max-Age=86400; Domain=.teads.tv; Path=/; Secure; SameSite=None
sync
eb2.3lift.com/ Frame CA34
Redirect Chain
  • https://ib.3lift.com/sync?
  • https://eb2.3lift.com/sync?
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.89.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f6277b9aa39c6ae8f35ae14f1041f469ee64cdd3efa1608aea4f1db79b347c2e

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://crooksandliars.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=13637767897429749004
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

date
Sun, 21 Mar 2021 12:02:05 GMT
content-type
text/html; charset=utf-8
content-length
479
set-cookie
sync=CgoIgQIQoNynpYUvCgoIkQIQoNynpYUvCgoI4gEQoNynpYUvCgoIkgIQoNynpYUvCgoI5gEQoNynpYUvCgoIhwIQoNynpYUvCgkIOhCg3KelhS8KCQgLEKDcp6WFLwoJCF8QoNynpYUvCgkIHxCg3KelhS8=; Max-Age=7776000; Expires=Sat, 19 Jun 2021 12:02:05 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=13637767897429749004; Max-Age=7776000; Expires=Sat, 19 Jun 2021 12:02:05 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

content-length
0
location
https://eb2.3lift.com/sync?
cache-control
public, max-age=900
date
Sun, 21 Mar 2021 11:58:17 GMT
last-modified
Sun, 21 Mar 2021 11:58:17 GMT
x-rev
5ac3d7d
x-served-by
impression-bus6.us_east.prod
x-cache
Hit from cloudfront
via
1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
1MlSibF5QNwiAKtwKlgP-6OIdbuXD4Hh8YC7RngHGmYc9IUmfVlowA==
age
228
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 21 Mar 2021 12:02:04 GMT
content-length
2
content-type
text/plain
06549e4e-1790-46a1-bd74-f459502d8ce4.jpg
img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/06549e4e-1790-46a1-bd74-f459502d8ce4.jpg?crop=373:210,smart&width=373&height=210&format=jpeg&quality=60&fit=crop
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
25b423f1a34ee56ef4169baf7b2f294589d37f7536bd225a34b757f0f8ea5f41

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:04 GMT
content-encoding
br
age
13381
x-cache
HIT, HIT
fastly-io-info
ifsz=130560 idim=1140x798 ifmt=jpeg ofsz=13665 odim=373x210 ofmt=jpeg
fastly-stats
io=1
content-length
13275
x-served-by
cache-mdw17369-MDW, cache-cdg20741-CDG
access-control-allow-origin
*
x-timer
S1616328125.915962,VS0,VE1
etag
"l3vapSJ7x7WbYnBWJxH9BtXFSPf3OSdqBU79RGPSSFA"
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 1
eligible
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwEYCkAmAwgVgAyZYBsAzAGQID2EATgMYCmSoCZEAjqmXcALYAOwGAHNYIVHhQB2IgE4AHGWDCGUOEgBWrXpRBM8ZAO4MARgngMY4kkUlkAbjHNwrqIilIZ5KFAoAsRBhSKGR6joyuJCQ4RME4JPKkOL7yJF7kgiqODIauIQgM7BCqEdbcADYwqnAuvAwIcHz8bh5p3hh+sig4FVVqwPww9gw05pRQSI3C5GEwjEggQA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:04 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
eligible
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwDYCkAmAwgdk1gVgA58MUAyBAewgCcBjAUyVAXIgEckBGc+4ALYAHYDADmsEDwAMAZjIAWHOWBjGUOEgBWbAVRDNp5AO6MARgniMYU2Smm8AbjEtwbPFNxTyi3bgE4iBRQMHF4DZyZ3WVkCFDCCWSJvAgCiH1lyETVnRmN3XgRGDgh1KKkFPgAbGHU4NwFGBDhBIQ8vH24MBX8MXnoauuAhGEdGWksqKCQWsUyImCYkECA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:04 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame D914 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=15030378&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ff326df9eb0b43dc859902087e6a786810cbacf7237dab932f817045b5280e53

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:04 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
1819
Content-Type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 7034
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A
35 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=15030378&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Sun, 21 Mar 2021 12:02:05 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=4135167033265046661; expires=Thu, 20 May 2021 12:02:05 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Sun, 21 Mar 2021 12:02:05 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Wed, 21 Apr 2021 12:02:05 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 2449
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5645210206
  • https://sync.1rx.io/usersync/tradedesk/2144b0f9-7384-4fe3-957b-c09e28dafef7
  • https://sync.targeting.unrulymedia.com/csync/RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003
42 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=15030378&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A; KRTBCOOKIE_57=22776-2417220075358525530; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEPCi-xcEQ6Bi0xiaXSDG9uE&KRTB&22987-CAESEPCi-xcEQ6Bi0xiaXSDG9uE&KRTB&23025-CAESEPCi-xcEQ6Bi0xiaXSDG9uE; KRTBCOOKIE_153=1923-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4&KRTB&19420-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4&KRTB&22979-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4; KRTBCOOKIE_107=1471-uid:acwKyzfL1LnWMp5; KRTBCOOKIE_22=14911-4154356464347799715; KRTBCOOKIE_27=16735-uid:99d46057-35b9-4200-a11f-847c226f05f9&KRTB&16736-uid:99d46057-35b9-4200-a11f-847c226f05f9&KRTB&23019-uid:99d46057-35b9-4200-a11f-847c226f05f9&KRTB&23114-uid:99d46057-35b9-4200-a11f-847c226f05f9; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_c7d34ffe-d990-480c-84c9-1e9018ccb095; SPugT=1616328121; KRTBCOOKIE_377=6810-2144b0f9-7384-4fe3-957b-c09e28dafef7&KRTB&22918-2144b0f9-7384-4fe3-957b-c09e28dafef7&KRTB&23031-2144b0f9-7384-4fe3-957b-c09e28dafef7; KRTBCOOKIE_218=22978-YFc1uwAAALEa_VLS&KRTB&23194-YFc1uwAAALEa_VLS&KRTB&23209-YFc1uwAAALEa_VLS&KRTB&23244-YFc1uwAAALEa_VLS; KRTBCOOKIE_466=16530-c3ce442b-1b44-4174-b7a9-6d407f054e0d; PugT=1616328124; pi=109126:3; chkChromeAb67Sec=2; DPSync3=1617494400%3A226_221_201_227_219_197%7C1616371200%3A174; SyncRTB3=1618876800%3A203%7C1616889600%3A67_223_2_15%7C1617580800%3A35%7C1617148800%3A63%7C1621468800%3A69%7C1617494400%3A7_3_22_54_189_176_13_56_78_204_21_88_230_81_104_55_71_165_99_8_5_166_161_220_222_57
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 21 Mar 2021 12:02:05 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_594=17105-RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003&KRTB&17107-RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 12:02:05 GMT; path=/ PugT=1616328125; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 20-Apr-2021 12:02:05 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 12:02:05 GMT; path=/
X-lat
lhrpug019:0:515
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
Tengine
Date
Sun, 21 Mar 2021 12:02:05 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003%22%7D; path=/; expires=Mon, 21 Mar 2022 12:02:05 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003
ETag
RXa675f1e51fb145248959d5ab3bc5682b003
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 2108
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2D8478E4886047FCA0545C18CD6A46FF
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2D8478E4886047FCA0545C18CD6A46FF
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=15030378&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A; KRTBCOOKIE_57=22776-2417220075358525530; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEPCi-xcEQ6Bi0xiaXSDG9uE&KRTB&22987-CAESEPCi-xcEQ6Bi0xiaXSDG9uE&KRTB&23025-CAESEPCi-xcEQ6Bi0xiaXSDG9uE; KRTBCOOKIE_153=1923-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4&KRTB&19420-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4&KRTB&22979-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4; KRTBCOOKIE_107=1471-uid:acwKyzfL1LnWMp5; KRTBCOOKIE_22=14911-4154356464347799715; KRTBCOOKIE_27=16735-uid:99d46057-35b9-4200-a11f-847c226f05f9&KRTB&16736-uid:99d46057-35b9-4200-a11f-847c226f05f9&KRTB&23019-uid:99d46057-35b9-4200-a11f-847c226f05f9&KRTB&23114-uid:99d46057-35b9-4200-a11f-847c226f05f9; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_c7d34ffe-d990-480c-84c9-1e9018ccb095; KRTBCOOKIE_377=6810-2144b0f9-7384-4fe3-957b-c09e28dafef7&KRTB&22918-2144b0f9-7384-4fe3-957b-c09e28dafef7&KRTB&23031-2144b0f9-7384-4fe3-957b-c09e28dafef7; KRTBCOOKIE_218=22978-YFc1uwAAALEa_VLS&KRTB&23194-YFc1uwAAALEa_VLS&KRTB&23209-YFc1uwAAALEa_VLS&KRTB&23244-YFc1uwAAALEa_VLS; KRTBCOOKIE_466=16530-c3ce442b-1b44-4174-b7a9-6d407f054e0d; pi=109126:3; DPSync3=1617494400%3A226_221_201_227_219_197%7C1616371200%3A174; SyncRTB3=1618876800%3A203%7C1616889600%3A67_223_2_15%7C1617580800%3A35%7C1617148800%3A63%7C1621468800%3A69%7C1617494400%3A7_3_22_54_189_176_13_56_78_204_21_88_230_81_104_55_71_165_99_8_5_166_161_220_222_57; KRTBCOOKIE_594=17105-RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003&KRTB&17107-RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003; KRTBCOOKIE_391=22924-4162373345338025050&KRTB&23263-4162373345338025050; SPugT=1616328125; chkChromeAb67Sec=3; KRTBCOOKIE_279=22890-4260f2e7-8a3d-11eb-b243-11bff608f02b&KRTB&23011-4260f2e7-8a3d-11eb-b243-11bff608f02b; PugT=1616328127
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 21 Mar 2021 12:02:07 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 12:02:07 GMT; path=/
X-lat
lhrpug018:0:365
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
nginx
date
Sun, 21 Mar 2021 12:02:07 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:2D8478E4886047FCA0545C18CD6A46FF
set-cookie
suid=2D8478E4886047FCA0545C18CD6A46FF; Path=/; domain=simpli.fi; Expires=Tue, 22-Mar-22 12:02:07 GMT; SameSite=none; Secure; suid_legacy=2D8478E4886047FCA0545C18CD6A46FF; Path=/; domain=simpli.fi; Expires=Tue, 22-Mar-22 12:02:07 GMT; Secure;
expires
Sat, 20 Mar 2021 12:02:07 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
usersync
match.bnmla.com/ Frame C70B 		0
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=15030378&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sun, 21 Mar 2021 12:02:06 GMT
Content-Length
0
Connection
keep-alive
/
pixel.onaudience.com/ Frame D914
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4495b17791225f79b85cf72f24a565af
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4495b17791225f79b85cf72f24a565af
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.59.148.16 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Sun, 21 Mar 2021 12:02:07 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4495b17791225f79b85cf72f24a565af
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame D914
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=333f6057-35b9-4900-ad7b-6e4be1ba412f
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=333f6057-35b9-4900-ad7b-6e4be1ba412f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:08 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 21 Mar 2021 12:02:57 GMT
Server
MT3 3611 f10363c master cdg-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=333f6057-35b9-4900-ad7b-6e4be1ba412f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 21 Mar 2021 12:02:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D914
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4260f2e7-8a3d-11eb-b243-11bff608f02b&gdpr=0&gdpr_consent=
1 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4260f2e7-8a3d-11eb-b243-11bff608f02b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:07 GMT
X-lat
lhrpug018:0:413
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4260f2e7-8a3d-11eb-b243-11bff608f02b&gdpr=0&gdpr_consent=
Date
Sun, 21 Mar 2021 12:02:06 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
4260f2e8-8a3d-11eb-b243-11bff608f02b
cygnus
as-sec.casalemedia.com/ 		41 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1616328125020&s=382244&r=%7B%22id%22%3A1616328125%2C%22imp%22%3A%5B%7B%22id%22%3A1%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A550%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F%3Fdeployment%3Doverlay%26device%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A3601%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%223601%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/files/js/js_68f45ea9bd0191920e53b1cf421ac715.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3ed187fce049e12b677b4eafc7583020750d7b6dd71c70a0fd028dda6e3da77c

Request headers

Accept
text/plain, */*
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
61
Expires
Sun, 21 Mar 2021 12:02:05 GMT
cygnus
as-sec.casalemedia.com/ 		28 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=8.8&cb=1616328125023&s=382244&r=%7B%22id%22%3A1616328125%2C%22imp%22%3A%5B%7B%22id%22%3A1%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A3%2C%22maxduration%22%3A150%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A5%2C%22playbackmethod%22%3A%5B2%5D%2C%22w%22%3A880%2C%22h%22%3A495%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F%3Fdeployment%3Doverlay%26device%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A3601%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%223601%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&fn=jsonp
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/files/js/js_68f45ea9bd0191920e53b1cf421ac715.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b0527d89a1052435038e9c6bc1edda47bd8214bdcc7e277cbdf95eb16e80b965

Request headers

Accept
text/plain, */*
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
48
Expires
Sun, 21 Mar 2021 12:02:05 GMT
cygnus
as-sec.casalemedia.com/ 		41 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1616328125024&s=382244&r=%7B%22id%22%3A1616328125%2C%22imp%22%3A%5B%7B%22id%22%3A1%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A600%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F%3Fdeployment%3Doverlay%26device%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A3601%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%223601%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/files/js/js_68f45ea9bd0191920e53b1cf421ac715.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3ed187fce049e12b677b4eafc7583020750d7b6dd71c70a0fd028dda6e3da77c

Request headers

Accept
text/plain, */*
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
61
Expires
Sun, 21 Mar 2021 12:02:05 GMT
cygnus
as-sec.casalemedia.com/ 		41 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1616328125024&s=382244&r=%7B%22id%22%3A1616328125%2C%22imp%22%3A%5B%7B%22id%22%3A1%2C%22banner%22%3A%7B%22w%22%3A1600%2C%22h%22%3A500%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F%3Fdeployment%3Dagilityzone%26device%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A3601%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%223601%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/files/js/js_68f45ea9bd0191920e53b1cf421ac715.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3ed187fce049e12b677b4eafc7583020750d7b6dd71c70a0fd028dda6e3da77c

Request headers

Accept
text/plain, */*
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
61
Expires
Sun, 21 Mar 2021 12:02:05 GMT
cygnus
as-sec.casalemedia.com/ 		41 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1616328125025&s=382244&r=%7B%22id%22%3A1616328125%2C%22imp%22%3A%5B%7B%22id%22%3A1%2C%22banner%22%3A%7B%22w%22%3A1920%2C%22h%22%3A480%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F%3Fdeployment%3Dagilityzone%26device%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A3601%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%223601%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/files/js/js_68f45ea9bd0191920e53b1cf421ac715.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3ed187fce049e12b677b4eafc7583020750d7b6dd71c70a0fd028dda6e3da77c

Request headers

Accept
text/plain, */*
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
61
Expires
Sun, 21 Mar 2021 12:02:05 GMT
cygnus
as-sec.casalemedia.com/ 		28 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=8.8&cb=1616328125025&s=382244&r=%7B%22id%22%3A1616328125%2C%22imp%22%3A%5B%7B%22id%22%3A1%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A3%2C%22maxduration%22%3A150%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A4%2C%22playbackmethod%22%3A%5B2%5D%2C%22w%22%3A880%2C%22h%22%3A495%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F%3Fdeployment%3Dagilityzone%26device%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A3601%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%223601%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&fn=jsonp
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/files/js/js_68f45ea9bd0191920e53b1cf421ac715.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b0527d89a1052435038e9c6bc1edda47bd8214bdcc7e277cbdf95eb16e80b965

Request headers

Accept
text/plain, */*
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
48
Expires
Sun, 21 Mar 2021 12:02:05 GMT
cygnus
as-sec.casalemedia.com/ 		41 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1616328125026&s=382244&r=%7B%22id%22%3A1616328125%2C%22imp%22%3A%5B%7B%22id%22%3A1%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F%3Fdeployment%3Dagilityzone%26device%3Ddesktop%22%2C%22ref%22%3A%22%22%2C%22mobile%22%3A0%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A3601%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%223601%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/files/js/js_68f45ea9bd0191920e53b1cf421ac715.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN (),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3ed187fce049e12b677b4eafc7583020750d7b6dd71c70a0fd028dda6e3da77c

Request headers

Accept
text/plain, */*
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:05 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
61
Expires
Sun, 21 Mar 2021 12:02:05 GMT
ad_page
ssp.behave.com/ 		20 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.behave.com/ad_page
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/files/js/js_68f45ea9bd0191920e53b1cf421ac715.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.8.50.232 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e7916e26498bf49c4bfc2a1b8351b43cbe67a2965d3fb0046eb438cd7d139a21

Request headers

Accept
application/json, text/javascript, */*
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Sun, 21 Mar 2021 12:02:05 GMT
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=UTF-8
Content-Length
20
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/files/js/js_68f45ea9bd0191920e53b1cf421ac715.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:02:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/files/js/js_68f45ea9bd0191920e53b1cf421ac715.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:02:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/files/js/js_68f45ea9bd0191920e53b1cf421ac715.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:02:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/files/js/js_68f45ea9bd0191920e53b1cf421ac715.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:02:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/files/js/js_68f45ea9bd0191920e53b1cf421ac715.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:02:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/files/js/js_68f45ea9bd0191920e53b1cf421ac715.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:02:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/files/js/js_68f45ea9bd0191920e53b1cf421ac715.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:02:05 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid_error
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_error?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCsAHAMwAMtA7GmTMADYD2AnijFAjwuANzgcQPNGBgBHAK4w8xMjhCr5UInngBOevQAelSvWlzFynBAL9lIFMHgBGAGxvaAJmrPPpzyzAYAQAxjDwAHIAgqwwIBykFNFoIPIhNlxQOFDyKEhwLikaWhCJhXhc8mBh8Op4aCEOoAQA5loUzvTOTK661CktAkIAVvUoXGzwZgDuMEiExOTwtK5daCIEC0tuHt7Ozn0ALK4BzrEbYUu0tJSuTM6UtNSuNwd03rQYIIMbMNPbaDwFgElwolAaHAIQxsdggTRc7heez8vjMIUhQxAwAIYjAhEy8DhLU+bAu4TIQA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:04 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_error
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_error?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCsAHAMwAMtA7GmTMADYD2AnijFAjwuANzgcQPNGBgBHAK4w8xMjhCr5UInngBOevQAeANgPS5i5TggF+ykCmDwAjMde0ATNWcfK9LxhgBADGMPAAcgCCrDAgHKQUUWgg8sE2XFA4UPIoSHAuyRpaEAnwxrRoeFzyYKHw6nhowQ6gBADmWhTO9M5MxrrUyW0CQgBWjShcbPD0aADuMEiExOTwtKbOaCIEy6uu7l7OzgMALMYeTJts26GrtLSUxpeUtNTllMd0XhWgw9swcz2lQsAluFGMTQ4BBGNjsEBaLjc5UOvh8EOCUJGIGABDEYEIGXg8LaFWuITCZCAA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:04 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_error
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_error?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCsAHAMwAMtA7GmTMADYD2AnijFAjwUIPBAAWMEGTRgYARwCuMMTDI5pORVCJ54ARgBs9egA9KJ2QuVicEAvzEgUwA4aO0ATNX2eL3jDACAGMYeAA5AEFWKQ5SCii0EEVg+y4oHChFFCQ4AyT1bSJ4+EM0PC5FMFD4aTw0YOdQAgBzHQp9Rk9DABYWEBaBIQArepQuNnh6NAB3GCRCYnJ4WmN9NAA3AkXlow9vfX0ATmoew08mdbYt0OXaWkpDS8paakMH47pvWgwBmC2YDNduVrAJbhQWMEOAQhvZHBAmm59j4-L4jg1oUMQMACBs4IR0vAES0ftcQmEyEA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:04 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_error
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_error?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCsAHAMwAMtA7GmTMADYD2AnijFAjwUIPBAAWMEGTRgYARwCuMMTDI5pORVCJ54AN3IwushcrE4IBfmJApg8AIwA2F7QBM1R+8r13ATgwwAgBjGHgAOQBBVikOUgpotBBFEKsuKBwoRRQkOCdk9W0iBKpqNDwuRTAw+Gk8NBC7UAIAcx0KR0Z3ZwAWFhBWgSEAKwaULjZ4ejQAdxgkQmJyeFpnekc0QyWVlzdPR0d-al7ndyZNtkMwldpaSmcLylpqZ3ujuk9aDEGYQxhZrsKmYBDcKOUQhwCMMrDYIM0nK43gcfI4GI0ocMQMACPo4IQMvB4a1vldQuEyEA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:04 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_error
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_error?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCsAHAMwAMtA7GmTMADYD2AnijFAjwUIPBAAWMEGTRgYARwCuMMTDI5pORVCJ54ARgCcAJnoAPACzV6shcrE4IBfmJApgBgGz7PtY9X1jSnpjQwwwAgBjGHgAOQBBVikOUgoEtBBFSKcuKBwoRRQkOAMM9W0iVPgWPC5FMGj4aTw0SLdQAgBzHQp9RmNPCxYQToEhACsWlC42eBsAdxgkQmJyeFpPen00ADcCFbWfHz8Ao2oLT2MmbbY96LXaWkpPa8paal9KM5PaDBGYPYweaHNB4OwCe4UMKRDgEMZOFwQdpeY7+QJfJ6tWFjEDAAg7OCEXLwJGdX63KIxMhAA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:05 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_error
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_error?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCsAHAMwAMtA7GmTMADYD2AnijFAjwUIPBAAWMEGTRgYARwCuMMTDI5pORVCJ54ATib0AHgCZK9WQuVicEAvzEgUweAEYAbJ9qnqb8-Sm+hhgBADGMPAAcgCCrFIcpBSxaCCKYfZcUDhQiihIcO6p6tpESfCmHmh4XIpgEfDSeGhhzqAEAOY6FG6MlQAsLCAdAkIAVs0oXGzwlgDuMEiExOTwtB70bmgAbgTLq57evm5u+tT9HqZMW2y7Eau0tJQe15S01B5Pp3S+tBjDMF2MDmB2q1gE9x6ljCHAIo3sjggbXcXk+x3MbmYLVhoxAwAI2zghCy8CRHT+t3CkTIQA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:04 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_none
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_none?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeAZgA4AmOgFkczWABsB7ATwFsYoEeJwBucdiG6YwMAI4BXGIVIp8IVfKglC8AJwAGfegCsx-dLmLl+CIn7KQvYPACMANndU6NF3TN1zNBB2ckoAOQBBbDBEAGMYeEjMEHlY204ofCh5XgAjOFdkjS0IUMLCTnkwePh1QkxYx1BEAHMtShd9FwB2N10aZJaBIQAret5ONHhzAHcYXOJSCmo3LswRREXl909vFxd+xjc6bpdWGA345aoqYzdT41o3W4OaLzfsECGNmBntzEIlgEVw6Z1i7EQw1s9ggTVcHmeez8BzoDQhwxAwEQYjAxAy8FhLSo50uCRQQA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:05 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 5627 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=69700
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Mon, 22 Mar 2021 07:23:45 GMT
37efa81e-76de-494b-9dcf-e352c2a0f4c0.jpg
img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		14 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/37efa81e-76de-494b-9dcf-e352c2a0f4c0.jpg?crop=373:281,smart&width=373&height=281&format=jpeg&quality=60&fit=crop
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0f6e274248556142c8168d15b17294dde141eac98963a5cb076f263c7c3caa34

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:05 GMT
content-encoding
br
age
13388
x-cache
HIT, HIT
fastly-io-info
ifsz=38157 idim=425x318 ifmt=jpeg ofsz=13853 odim=373x281 ofmt=jpeg
fastly-stats
io=1
content-length
13369
x-served-by
cache-mdw17370-MDW, cache-cdg20741-CDG
access-control-allow-origin
*
x-timer
S1616328125.282150,VS0,VE1
etag
"Njm9Z71OzP6afh5dQ99Z3ymxjp/v/7Zpx3i4pBybsGU"
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
2, 1
bid_none
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_none?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeAZgA4AmOgFkczWABsB7ATwFsYoEeJwBucdiG6YwMAI4BXGIVIp8IVfKglC8ERRidpcxcvwRE-ZSF7B4ARgBsjqnRp26AVgAMdKqxgg7OSUAHIAgthgiADGMPDhmCDy0eacUPhQ8rwARnD2iRpaEMHw3piEnPJgsfDqhJjR1qCIAOZalHZedgDsDgCcNIktAkIAVvW8nGjwXpgA7jDZxKQU1A5dmHrLq47OrnZ2A4wOdN12-nqxq1RUHg5nHrQOt4c0Lm-YIMN6MHM75cYBFcOnQGuxECNzJYIE17E5nvtPKc+mCIYIQMBEGIwMQ0vAYS0-GhLnEUEA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:04 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_error
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_error?wklz=A4QwTgLgdgpmC8wBGBbAZKSswH0DOAlhDDgQCbwCsAHAMwAMtA7GmTMADYD2AnijFAjwuANzgcQPNGBgBHAK4w8xMjhCr5UInngjyMLtLmLlOCAX7KQKYPACMANke0ATNTsvK9NxjAEAxjDwAHIAgqwwIBykFGFoIPL+5lxQOFDyKEhw9vEaWhAxVPRoeFzyYIHw6nho-tagBADmWhR29HZMDgCc1PGNAkIAVjUoXGzwxQDuMEiExOTwtA7taHpzC47ObnZ2PQAsDi5MdhF6gQu0tJQOx5S01A5Xu3RutBgg-XowkxslxgLnVpvfwcAgDcyWCD1exOR7bTxuFy1UEDEDAAhiMCEFLwKGNN5sM5BMhAA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:04 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 5627 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.43.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 5627
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFc1uwAAALEa_VLS
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFc1uwAAALEa_VLS
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:05 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616328125.366589,VS0,VE0
x-served-by
cache-hhn4025-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFc1uwAAALEa_VLS
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
v1
ads.yahoo.com/cms/ Frame 5627
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMJ4123X-R-1XND&sigv=1&esig=2~bff700a5eff1a0b2fcd1fe693e6d339a684f0a16
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMJ4123X-R-1XND&sigv=1&esig=2~bff700a5eff1a0b2fcd1fe693e6d339a684f0a16
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:05 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMJ4123X-R-1XND&sigv=1&esig=2~bff700a5eff1a0b2fcd1fe693e6d339a684f0a16
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5627
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWJkOTllNTBlNGM2MGVmYzI3YzBiY2RmN2UwZGI1OWVjZThmMDA0OA
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWJkOTllNTBlNGM2MGVmYzI3YzBiY2RmN2UwZGI1OWVjZThmMDA0OA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWJkOTllNTBlNGM2MGVmYzI3YzBiY2RmN2UwZGI1OWVjZThmMDA0OA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 5627 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame 5627
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/pRph-7tfcJucXpCBYRi4ww?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8969918017866253502
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8969918017866253502
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

date
Sun, 21 Mar 2021 12:02:05 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8969918017866253502
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5627
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01KNDEyM1gtUi0xWE5E
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01KNDEyM1gtUi0xWE5E
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01KNDEyM1gtUi0xWE5E
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5627
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJJDWX9iQ6hEV1pzyMYp11Y&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJJDWX9iQ6hEV1pzyMYp11Y&google_cver=1
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJJDWX9iQ6hEV1pzyMYp11Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid_none
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_none?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeAZgA4AmOgFkczWABsB7ATwFsYoEeJwBucdiG6YwMAI4BXGIVIp8IVfKglC8AJwAGfegBsh6XMXL8ERP2UheweAEZjrqnRrO6AVn1NWGBB2ckoAOQBBbDBEAGMYeEjMEHlYm04ofCh5XgAjOBdkjS0IUPhjKkxCTnkwePh1QkxYh1BEAHMtSmd9ZwB2Y10aZPaBIQArJt5ONHh9TAB3GFziUgpqU2dMEURV9dd3T2dnIcZjOj6ttB349aoqH2NLn1oKnxOaD0-sEFGdmAW+yqFgEt26LFi7EQYxsdggrRcbgqR18VAMzShYxAwEQYjAxAy8Hh7Uq1ziCRQQA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:05 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_none
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_none?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeAZgA4AmOgFkczWABsB7ATwFsYoEeLxCEIACxggUmMDACOAVxhiYKfNPyKoJQvACMANgAMx9AFZTshcrH4IifmJC9gBw0ap0a+upaasUuzklAByAILYYIgAxjDwEZggijEOnFD4UIq8AEZwBknq2iQh8IaYhJyKYHHw0oSYMS6giADmOpT6xl6GjADsSa0CQgBWDbycaPDGmADuMDnEpBTUJvqYAG6ISytGnt76+gCcNIyGdH3raFtxK1RU5oaX5rSGD8c0Xp-YIENbMLNdhUbAJbp1zI12Ihhg4nBBmu59j4-IwfJDoYIQMBEBs4MR0vB4a0qIEbvEUEA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:05 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
cygnus
htlb.casalemedia.com/ 		22 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&r=%7B%22id%22%3A%229a4bd43cffba%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22104f7214a7f4af2%22%2C%22ext%22%3A%7B%22siteID%22%3A512884%2C%22sid%22%3A%22375x211%22%7D%2C%22bidfloor%22%3A0.55%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22skippable%22%3Afalse%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22w%22%3A375%2C%22h%22%3A211%2C%22placement%22%3A4%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22name%22%3A%22RawStory%22%2C%22domain%22%3A%22rawstory.com%22%2C%22sid%22%3A%227870%22%2C%22asi%22%3A%22avantisvideo.com%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&nf=1
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f40d9087d18669ee9be744b04156f4fca94987fc83ef80b6fed8259477ccfc0c

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:05 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[FR], RC:[IDF], CN:[EU], CIP:[217.138.207.148], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://crooksandliars.com
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
x-ak-client-geo
28
expires
Sun, 21 Mar 2021 12:02:05 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.160.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
292699
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/292699
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 21 Mar 2021 12:02:05 GMT
X-SpotX-Timing-Transform
0.001049
X-spotx-Exception-Message
SpotMarket execution was halted.
Access-Control-Allow-Origin
https://crooksandliars.com
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000443
X-fe
059
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000034
X-SpotX-Timing-Page
0.011330
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000485
Last-Modified
Sun, 21 Mar 2021 12:02:05 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-Mux
0.000340
X-SpotX-Timing-SpotMarket-Primary
0.004554
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
X-spotx-Exception-global_blacklist-Message
The referer 'crooksandliars.com' is blacklisted.
X-SpotX-Timing-Page-Misc
0.004385
X-SpotX-Timing-Page-Exception
0.000027
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.004554
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN (),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
773113a8993ac672bea6088b7db6c332c65cc8b7da1a258072d9efd35d91e650
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:05 GMT
X-Proxy-Origin
217.138.207.148; 217.138.207.148; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.43:80
AN-X-Request-Uuid
2802b6ad-8816-486e-984e-94e82f25f36b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=20615038&referrer=https%3A%2F%2Fcrooksandliars.com%2F&us_privacy=1---&imp_id=980a6130-2c24-4ac3-8595-74855a08c8b6&cb=1616328125505
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN (),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:05 GMT
X-Proxy-Origin
217.138.207.148; 217.138.207.148; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.164:80
AN-X-Request-Uuid
42ae94d1-b414-4b85-b991-f1ae6e66f1e0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
rtb.avantisvideo.com/api/v1/usersync/ 		58 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/getuid?ssps=3
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
437b19e621e441f57b0b9d437de90b4038a4a7c7b9b98671113dc8a9a1ffe824
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Mar 2021 12:02:05 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-download-options
noopen
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
content-length
58
x-xss-protection
1; mode=block
getuid
rtb.avantisvideo.com/api/v1/usersync/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/getuid?ssps=3
Protocol
H2
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 21 Mar 2021 12:02:05 GMT
vary
Origin
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
bid_none
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_none?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeAZgA4AmOgFkczWABsB7ATwFsYoEeLxCEIACxggUmMDACOAVxhiYKfNPyKoJQvACMATjoAGdIxonZC5WPwRE-MSF7ADANn3uqdGvroArCaBrFLs5JQAcgCC2GCIAMYw8DGYIIoJDpxQ+FCKvABGcAZp6tokEfAA7JiEnIpgSfDShJgJLqCIAOY6lPomPu6MNSBdAkIAVq28nGjwVgDuMAXEpBTU7ib6mABuiKvrXl4+fkY0jO50Vdtoe0nrVFQB7tcBtN4BZydU2KMwezAFodajYBPc+u42uxEOMHE4IB0PMdfP4AgEaAEoTDBCBgIgdnBiNl4Aiuj9bolkiggA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:05 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
bid_none
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_none?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeAZgA4AmOgFkczWABsB7ATwFsYoEeLxCEIACxggUmMDACOAVxhiYKfNPyKoJQvABuFGJ1kLlY-BET8xIXsHgBGAGwuqdGo7oBWAAw-WKXZySgA5AEFsMEQAYxh4CMwQRRirTih8KEVeACM4JyT1bRIQ+G8aTEJORTA4+GlCTBi7UEQAcx1KR193Z0YAdiS2gSEAK0beTjR4X0wAdxgc4lIKamdfR0xDZdWXNw9HRwBOGkZnOn7NtEM41aoqb2dL71pnB+Oad0-sEGHDGDmu0qZgEty6gxi7EQIysNggLScrjeBx8TwhUJGIGAiH0cGI6Xg8LaVECN3iKCAA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:05 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
st
capi.connatix.com/tr/ Frame A4A2 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=108993
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 21 Mar 2021 12:02:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://crooksandliars.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
bid_none
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/bid_none?wklz=A4QwTgLgdgpmC8BLKATGAPAZKSswH0BnRCGfRFeAZgA4AmOgFkczWABsB7ATwFsYoEeLxCEIACxggUmMDACOAVxhiYKfNPyKoJQvACcAdgAM6OgFZjshcrH4IifmJC9g8AIwA2L1To13FsZ0nqxS7OSUAHIAgthgiADGMPAxmCCKCQ6cUPhQirwARnAeaeraJBHwwZiEnIpgSfDShJgJLqCIAOY6lO7Gvp6MhmmdAkIAVi28nGjwVgDuMAXEpBTUnsbumABuiCtrXj5+7u76NIyedIZbaLtJa1RU5p7X5rSeT6c0vt-YIKO7GDzA41GwCe69GitdiIMYOJwQdoebwfY4WQz+aGwwQgYCIbZwYjZeCIzpUUJ3ZIoIA
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.255 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fasthttp /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:05 GMT
via
1.1 google
server
fasthttp
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
getbid
rtb.avantisvideo.com/api/v1/auction/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/auction/getbid
Protocol
H2
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 21 Mar 2021 12:02:05 GMT
vary
Origin
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
getbid
rtb.avantisvideo.com/api/v1/auction/ 		11 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/auction/getbid
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Mar 2021 12:02:06 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-download-options
noopen
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
content-length
11
x-xss-protection
1; mode=block
generic
match.adsrvr.org/track/cmf/ Frame CA34 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.43.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame CA34
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFTjKcSMRgcJVBMzYAsOJi8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFTjKcSMRgcJVBMzYAsOJi8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.89.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFTjKcSMRgcJVBMzYAsOJi8&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CA34
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2Mzc3Njc4OTc0Mjk3NDkwMDQ%3D
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2Mzc3Njc4OTc0Mjk3NDkwMDQ%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM2Mzc3Njc4OTc0Mjk3NDkwMDQ%3D
date
Sun, 21 Mar 2021 12:02:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame CA34 		42 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=13637767897429749004&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:05 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: 785803C483FB47CDB45ECC8A57724A46 Ref B: FRAEDGE1411 Ref C: 2021-03-21T12:02:06Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame CA34
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/13637767897429749004?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-OzH3O8dE2oTv6ySBoTFvQZ7WRzLaDUtymPG0RqPy7w--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-OzH3O8dE2oTv6ySBoTFvQZ7WRzLaDUtymPG0RqPy7w--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.89.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 21 Mar 2021 12:02:06 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-OzH3O8dE2oTv6ySBoTFvQZ7WRzLaDUtymPG0RqPy7w--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame CA34
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2417220075358525530&dongle=4d58&gdpr=1&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2417220075358525530&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.89.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:06 GMT
X-Proxy-Origin
217.138.207.148; 217.138.207.148; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.176:80
AN-X-Request-Uuid
d9e70feb-6f28-4946-8878-b00d5f87925c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=2417220075358525530&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame CA34
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=13637767897429749004
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13637767897429749004&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13637767897429749004&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:06 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=13637767897429749004&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame CA34
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.89.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame CA34 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=13637767897429749004
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN (),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame CA34 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=13637767897429749004
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN (),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usersync.html
cdn.undertone.com/js/ Frame B40D 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:1600:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://crooksandliars.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

content-type
text/html
date
Sat, 20 Mar 2021 16:00:01 GMT
last-modified
Wed, 16 Dec 2020 12:35:23 GMT
etag
W/"8ee422394c26ec0371c4676b43dd838d"
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
TkjEKyD3vMPTDoOtZVa230q4ViyE9o7ySuvVAjueaT_zVILQb0SgYA==
age
72126
sync_iframe
sync.bfmio.com/ Frame F13F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/sync_iframe?ifg=1&id=&gdpr=0&gc=&gce=1&us_privacy=1---
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.41.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
sync.bfmio.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://crooksandliars.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

Date
Sun, 21 Mar 2021 12:02:06 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 27B0 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://crooksandliars.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=ADDF08B6-9C4D-43D7-BF9A-6F0DFF89849A; KRTBCOOKIE_57=22776-2417220075358525530; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEPCi-xcEQ6Bi0xiaXSDG9uE&KRTB&22987-CAESEPCi-xcEQ6Bi0xiaXSDG9uE&KRTB&23025-CAESEPCi-xcEQ6Bi0xiaXSDG9uE; KRTBCOOKIE_153=1923-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4&KRTB&19420-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4&KRTB&22979-fYjWxXiNgcRmjdeWc9zOlniM0ZBmj9HCfNnYhvT4; KRTBCOOKIE_107=1471-uid:acwKyzfL1LnWMp5; KRTBCOOKIE_22=14911-4154356464347799715; KRTBCOOKIE_27=16735-uid:99d46057-35b9-4200-a11f-847c226f05f9&KRTB&16736-uid:99d46057-35b9-4200-a11f-847c226f05f9&KRTB&23019-uid:99d46057-35b9-4200-a11f-847c226f05f9&KRTB&23114-uid:99d46057-35b9-4200-a11f-847c226f05f9; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_1074=22956-e_c7d34ffe-d990-480c-84c9-1e9018ccb095; SPugT=1616328121; KRTBCOOKIE_377=6810-2144b0f9-7384-4fe3-957b-c09e28dafef7&KRTB&22918-2144b0f9-7384-4fe3-957b-c09e28dafef7&KRTB&23031-2144b0f9-7384-4fe3-957b-c09e28dafef7; KRTBCOOKIE_218=22978-YFc1uwAAALEa_VLS&KRTB&23194-YFc1uwAAALEa_VLS&KRTB&23209-YFc1uwAAALEa_VLS&KRTB&23244-YFc1uwAAALEa_VLS; KRTBCOOKIE_466=16530-c3ce442b-1b44-4174-b7a9-6d407f054e0d; KCCH=YES; pi=109126:3; chkChromeAb67Sec=2; DPSync3=1617494400%3A226_221_201_227_219_197%7C1616371200%3A174; SyncRTB3=1618876800%3A203%7C1616889600%3A67_223_2_15%7C1617580800%3A35%7C1617148800%3A63%7C1621468800%3A69%7C1617494400%3A7_3_22_54_189_176_13_56_78_204_21_88_230_81_104_55_71_165_99_8_5_166_161_220_222_57; KRTBCOOKIE_594=17105-RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003&KRTB&17107-RX-a675f1e5-1fb1-4524-8959-d5ab3bc5682b-003; PugT=1616328125; KRTBCOOKIE_391=22924-4162373345338025050&KRTB&23263-4162373345338025050
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=55158
Expires
Mon, 22 Mar 2021 03:21:25 GMT
Date
Sun, 21 Mar 2021 12:02:07 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame EE9A 		1007 B
862 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
26b835c4de69cfbb58fa5673537ec4d42c30cc10c4d65867178bdb0855f296ba

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://crooksandliars.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=673d51cb-5b46-0154-03a2-efc389615f87|1616328118
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=673d51cb-5b46-0154-03a2-efc389615f87|1616328118; Version=1; Expires=Mon, 21-Mar-2022 12:02:06 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1616328126|mOgegqnskin0vNomiygu; Version=1; Expires=Mon, 05-Apr-2021 12:02:06 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sun, 21 Mar 2021 12:02:06 GMT
content-type
text/html
content-length
545
content-encoding
gzip
via
1.1 google
alt-svc
clear
205608d6-626d-acea-68a3-31de1211a133
pr-bh.ybp.yahoo.com/sync/openx/ Frame EE9A 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/205608d6-626d-acea-68a3-31de1211a133?gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:06 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame EE9A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://eu-u.openx.net/w/1.0/sd?id=537072979&val=acwKyzfL1LnWMp5
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=acwKyzfL1LnWMp5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:07 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:06 GMT
Server
PingMatch/v2.0.30-632-ga311aad#rel-ec2-master i-018eb1938ecb3107d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=acwKyzfL1LnWMp5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EE9A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=c3ce442b-1b44-4174-b7a9-6d407f054e0d
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=c3ce442b-1b44-4174-b7a9-6d407f054e0d
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=e7365d44-724c-4a56-aa5a-75473a343a2c&user_group=1&ssp=openx&bsw_param=c3ce442b-1b44-4174-b7a9-6d407f054e0d
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=c3ce442b-1b44-4174-b7a9-6d407f054e0d
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=c3ce442b-1b44-4174-b7a9-6d407f054e0d
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:06 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//us-u.openx.net/w/1.0/sd?id=537072968&val=c3ce442b-1b44-4174-b7a9-6d407f054e0d
date
Sun, 21 Mar 2021 12:02:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie-sync
match.prod.bidr.io/ Frame EE9A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEiN07ArmsAABBAmdGx9Q&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.192.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:07 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 21 Mar 2021 12:02:07 GMT
X-lat
lhrpug007:0:512
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Location
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
sd
eu-u.openx.net/w/1.0/ Frame EE9A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=333f6057-35b9-4900-ad7b-6e4be1ba412f
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=333f6057-35b9-4900-ad7b-6e4be1ba412f
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:06 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 21 Mar 2021 12:02:59 GMT
Server
MT3 3611 f10363c master cdg-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=333f6057-35b9-4900-ad7b-6e4be1ba412f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 21 Mar 2021 12:02:58 GMT
sd
us-u.openx.net/w/1.0/ Frame EE9A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=YRrppWQfvqR6H-j2b07x9mQe7vB6He6iYEtZ2zcQ
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=YRrppWQfvqR6H-j2b07x9mQe7vB6He6iYEtZ2zcQ
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:06 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:06 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=YRrppWQfvqR6H-j2b07x9mQe7vB6He6iYEtZ2zcQ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame EE9A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4162373345338025050
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4162373345338025050
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:06 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:06 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4162373345338025050
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame EE9A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=b4916e92-f2c1-3ea3-5974-272bed466c7a&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.43.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame EE9A 		170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OThmZWJkNTgtM2JiNi02MDA3LTRjOTQtN2Q5MjI3YTRhMjFh
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EE9A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEENy0WjevipAcCXF385yM-g&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEENy0WjevipAcCXF385yM-g&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=d7066e05-92d3-4e83-b4f2-cbee552a2f6b&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.203.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:06 GMT
via
1.1 google
server
OXGW/16.203.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:06 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEENy0WjevipAcCXF385yM-g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 5A5D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cdn.undertone.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
khaos=KMJ4123X-R-1XND; rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCu3J56GbFHOusT2oB2HGEUTAXS+RTV6r8gI62G1ApUF7VZeOex0kzD72YK4xMsWvCP6IYwzAXu7xkBJ/OkD00vteYsduhMpCB4fw; ses2=; vis2=238568^1; audit=1|SDziDG3X/EiDwyX1CJjb2dna3loNM4GcGqqasbK4pIGY7dA5Tlr4IVaaLTqMTqugQpiuKe1Ic77gcRgjl6EitdYb/ZfPzBFUpmvllXEtYN4=; ses15=; vis15=238568^1; pux=2249%3D98341%262307%3D98341%262974%3D98341%263778%3D98341%26brx%3D98341%262249-DV360-Hosted%3D98341%26idl%3D98341%26goog%3D98341%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.undertone.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Mar 2021 12:02:08 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=12776
Date
Sun, 21 Mar 2021 12:02:07 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sync
usr.undertone.com/userPixel/ Frame B40D
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2417220075358525530
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2417220075358525530
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.134.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:07 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:06 GMT
X-Proxy-Origin
217.138.207.148; 217.138.207.148; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.187:80
AN-X-Request-Uuid
6b210d00-a807-4725-8ba2-0acad0ed7997
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=2417220075358525530
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame B40D
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=fffc09b5-f26e-02c0-33f1-38ec1aea4c28
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=fffc09b5-f26e-02c0-33f1-38ec1aea4c28
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.134.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:06 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

date
Sun, 21 Mar 2021 12:02:06 GMT
content-encoding
gzip
server
OXGW/16.203.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=fffc09b5-f26e-02c0-33f1-38ec1aea4c28
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame B40D
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3fc18f68-8a3d-11eb-a2a1-028ea906965a
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-YAtaKkpE2uEtYStK0NOjD_.Ir_.3vwTE~A~UP3fc18f68-8a3d-11eb-a2a1-028ea906965a
0
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-YAtaKkpE2uEtYStK0NOjD_.Ir_.3vwTE~A~UP3fc18f68-8a3d-11eb-a2a1-028ea906965a
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.134.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:07 GMT
x-envoy-upstream-service-time
2
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sun, 21 Mar 2021 12:02:06 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-YAtaKkpE2uEtYStK0NOjD_.Ir_.3vwTE~A~UP3fc18f68-8a3d-11eb-a2a1-028ea906965a
Connection
keep-alive
Content-Length
0
sync
usr.undertone.com/userPixel/ Frame B40D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=2144b0f9-7384-4fe3-957b-c09e28dafef7&ttl=1618920126
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=2144b0f9-7384-4fe3-957b-c09e28dafef7&ttl=1618920126
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.134.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:06 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=2144b0f9-7384-4fe3-957b-c09e28dafef7&ttl=1618920126
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
247
sync.php
pixel.rubiconproject.com/exchange/ Frame B40D 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif
sync
usr.undertone.com/userPixel/ Frame B40D
Redirect Chain
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=677e50c13082c85c1b426c153ed9828eee0460b2
0
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=677e50c13082c85c1b426c153ed9828eee0460b2
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.134.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:07 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Location
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=677e50c13082c85c1b426c153ed9828eee0460b2
Date
Sun, 21 Mar 2021 12:02:07 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 21 Mar 2021 12:02:06 GMT
content-length
2
content-type
text/plain
SPug
simage4.pubmatic.com/AdServer/ Frame D914 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=109126&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Sun, 21 Mar 2021 12:02:05 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 27B0 		47 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=13105213&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:06 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
47
Content-Type
text/html; charset=UTF-8
collect
www.clarity.ms/cus/ 		0
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/cus/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/cus/s/0.6.10/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::19 , United States, ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://crooksandliars.com
date
Sun, 21 Mar 2021 12:02:07 GMT
access-control-allow-credentials
true
x-powered-by
ASP.NET
x-azure-ref
0wDVXYAAAAADAWKubwV7fRY2OLvKPkBhdRlJBRURHRTEwMTgANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context
appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695
v2bqamY8OH_0q8Gur0rBlR3Yrmymr-HagBOvZL_PtQuivKIxYDtGPf-rbufl4KtT1P8LWv0n2dE4B_SxB
glisteningguide.com/ 		216 B
615 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glisteningguide.com/v2bqamY8OH_0q8Gur0rBlR3Yrmymr-HagBOvZL_PtQuivKIxYDtGPf-rbufl4KtT1P8LWv0n2dE4B_SxB
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
d7b5ad7fd5f9f5c156c2dda9daedc77f9967c91199d66295aad3c51b6e06fd76
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Sun, 21 Mar 2021 12:02:08 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
711b148b
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Sun, 21 Mar 2021 12:02:07 GMT
usync.js
eus.rubiconproject.com/ Frame 5A5D 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:02:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=69697
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Mon, 22 Mar 2021 07:23:45 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 5A5D 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif
v2bjznhXNn-hPnpzNk4aoV7PZHEOIWcJPFbfKvLJEqVXe8Ui_H8AnwhjWVpydA1RSz195qJGBNTqhxeeh
glisteningguide.com/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://glisteningguide.com/v2bjznhXNn-hPnpzNk4aoV7PZHEOIWcJPFbfKvLJEqVXe8Ui_H8AnwhjWVpydA1RSz195qJGBNTqhxeeh
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
f70c18497b92a05704aaf743e7e4ab50d52b4125707904a683bedc2fc57d239d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
date
Sun, 21 Mar 2021 12:02:08 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
x-hostname
711b148b
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
1323
Sticky2
glisteningguide.com/v2ymkDuS7AZuKkf-b6BCp5DqdeDw6dXIb6OWLg62-CxmqQkFwTMGLttqHgqbXJidFVCUM1bmQRMhqZs__/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://glisteningguide.com/v2ymkDuS7AZuKkf-b6BCp5DqdeDw6dXIb6OWLg62-CxmqQkFwTMGLttqHgqbXJidFVCUM1bmQRMhqZs__/Sticky2
Requested by
Host: d1bvk193qme2fc.cloudfront.net
URL: https://d1bvk193qme2fc.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
47998b8a599a597274cbfef4a5070c786f5dabf9dd8dd4342c9e6b786a82dc2c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Origin
https://crooksandliars.com
Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"995ff68009bbd0b3dd860de08c3d0c520234088aa083f244d2d03ee87e63c12e"
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
cache-control
private, must-revalidate, max-age=21600
access-control-allow-credentials
true
x-hostname
711b148b
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
date
Sun, 21 Mar 2021 12:02:08 GMT
MywwMTFkMzA4NmE2MTc
images.getadmiral.com/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.getadmiral.com/MywwMTFkMzA4NmE2MTc
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4466 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5074fade910f40c6d3d087a1ec63ff87eabf176ef237e406657ba7a3600412fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:08 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9192
cf-request-id
08f643118400001776d6bf7000000001
server
cloudflare
x-datacenter
gce-europe-west1
etag
"8d99e6dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NSCY%2FXmeKvYYY6LOMgHw3VAFOJPeFjQGHcB4nOqJd%2FhWk9iQRiKYd1vvHh3L%2FIj0fbcS%2FyEaF%2FwTgek7t7VisP%2Fg2guyqzPC6%2Bo7wtgYbWHz2rVfqGtEZcPe8ehUQH6SCuo%3D"}],"max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
private, must-revalidate, max-age=300
x-hostname
cole
cf-ray
633707959b2e1776-FRA
g
capi.connatix.com/rtb/ Frame A4A2 		215 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/rtb/g?v=108993
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
15d32fc474c2bdef791fd73e76fb57188710bbf2469070a22869d58d09b721ab

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 21 Mar 2021 12:02:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://crooksandliars.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
176
dc_oe=ChMIiKbfu6vB7wIV_cO7CB010QjJEAAYACDwkrBE;met=1;&timestamp=1616328131126;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 400C 		42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIiKbfu6vB7wIV_cO7CB010QjJEAAYACDwkrBE;met=1;&timestamp=1616328131126;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIiIjiu6vB7wIVUUHgCh2lfguREAAYACCutI9E;met=1;&timestamp=1616328131171;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame FE9C 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIiIjiu6vB7wIVUUHgCh2lfguREAAYACCutI9E;met=1;&timestamp=1616328131171;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6a38171a-a72b-499d-b53b-3c0783e096b4.jpg
img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/6a38171a-a72b-499d-b53b-3c0783e096b4.jpg?crop=373:281,smart&width=373&height=281&format=jpeg&quality=60&fit=crop
Requested by
Host: crooksandliars.com
URL: https://crooksandliars.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
711d2caf54c6729d02ce6e3d1fcc75d43986d0890947ba9326c2a07d13b54823

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:11 GMT
content-encoding
br
age
13392
x-cache
HIT, HIT
fastly-io-info
ifsz=159112 idim=1000x564 ifmt=jpeg ofsz=16171 odim=373x281 ofmt=jpeg
fastly-stats
io=1
content-length
15712
x-served-by
cache-mdw17361-MDW, cache-cdg20741-CDG
access-control-allow-origin
*
x-timer
S1616328132.667682,VS0,VE1
etag
"WgwmGeQujRCvowsmAafn8lFzXZRAAeciPCfWxqHhlWc"
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 1
st
capi.connatix.com/tr/ Frame A4A2 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/tr/st?v=108993
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.58.182 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Sun, 21 Mar 2021 12:02:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://crooksandliars.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6512936480753445&plah=crooksandliars.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
239bcd0c0ce43a6d89d495b5bf56e309b6b3c4c2c8f1bb33a18d38575ccc2f3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 21 Mar 2021 12:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6482
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sun, 21 Mar 2021 12:02:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 552E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202103091517/wrap.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://crooksandliars.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://crooksandliars.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sun, 21 Mar 2021 11:51:52 GMT
expires
Mon, 21 Mar 2022 11:51:52 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
623
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
pagead2.googlesyndication.com/bg/ Frame 552E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Mar 2021 19:53:27 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
58128
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5666
x-xss-protection
0
expires
Sun, 20 Mar 2022 19:53:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=380682836778858&bg=!T0ylTAjNAAbUo7L91KM7ACkAdvg8WqV6ay8X8s06bBiVQ3ruNByOmy5YM6Q4-aN-amcKZ-Jb1qruiQIAAABOUgAAAAxoAQcKAKJnqCDSfkY_eG9NYA-gRpawYTjFFpiG_iptnmnUEIqfFGXZbr7-TpNqn5R9UHki32cS5zlyAGj8sFuQOlC6f865ucaixkEZ2p1SgeM2oFNzqPTTnRWOkiAwa9AjVQUkfy7Dim9CYH0CgdXw0UtUfrCIf1AzOvkFwEr8iyZ1GRjyZn2fFoKXKbd8g_kC7bgxXDrFgIApDFbzuJ0P0z2i3K2S-bKZAdHndPAp95fRDCmGKijnvVyqbEqZfsMEY7EosRQh1XYbSqJCuQu8cC-EdtYcbAmCIMT7KD4wgQiaaNVGT6DXLHzZEQNbTedt_KarpQgekjeKkqewMxKNsXUMr_R8g_bJSYuBW9Z5mUQa39wiiO2FeuZJ0pLvC6PC4oxXNwfLVmElnwfISkSl4Pgn5Lhhli0SQ8Qbb3GsIPqFOeVztB62FgfFab5YWKCeGA7EpalgU8HsPuyzbYPOvQdFsGYNfOQrAw2NHTOD5gZPgObQi3JDgz6uMYS6F-4DywtgdxrV61Ec2fZa-c5MxCLYKyHDdBAhXGAyTtQVIQiayXza95CNxJFQ4jFBfr6QZDDaPWTVdlfDg_QkHQne0txBjhnSbll9Mm8SbmLmeXK2LYEtPebFU5lqYmm2fEsTLBh1w1Ii9ddq9ejFXHAW64yLyeLEVgUc4J1uQI8I5kc5-xGP6q_igtLu9I94chECGzqZUYZ7Jb5J-Ot02Sp84K73Tuz_Tls7fPI-RvYrqrZECKOmNsVZ8nIgJTBjz8b760bR449xPyr4KohtaYk61JKIZlqnGfj-iFkRjUWgYCzx8miJVxMJZCXIuc4MRwLP0Lvp8PsFxGsyJ08
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
06549e4e-1790-46a1-bd74-f459502d8ce4.jpg
img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/06549e4e-1790-46a1-bd74-f459502d8ce4.jpg?crop=373:281,smart&width=373&height=281&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
265bc239708f74bf4e51ee68b548578e06c90cfcca055767cc10bcf0ec3d1523

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:18 GMT
content-encoding
br
age
13393
x-cache
HIT, HIT
fastly-io-info
ifsz=130560 idim=1140x798 ifmt=jpeg ofsz=17458 odim=373x281 ofmt=jpeg
fastly-stats
io=1
content-length
17086
x-served-by
cache-mdw17330-MDW, cache-cdg20741-CDG
access-control-allow-origin
*
x-timer
S1616328138.049116,VS0,VE1
etag
"fWN8k8ZA8V6edKnVvHNjWOY9CMTJMV+AE1EhpEUYMp8"
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
1, 1
cygnus
htlb.casalemedia.com/ 		25 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&r=%7B%22id%22%3A%2217a5dd2ce4014cb%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22181116ef24b49c5%22%2C%22ext%22%3A%7B%22siteID%22%3A512884%2C%22sid%22%3A%22375x211%22%7D%2C%22bidfloor%22%3A0.55%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22skippable%22%3Afalse%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22w%22%3A375%2C%22h%22%3A211%2C%22placement%22%3A4%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22name%22%3A%22RawStory%22%2C%22domain%22%3A%22rawstory.com%22%2C%22sid%22%3A%227870%22%2C%22asi%22%3A%22avantisvideo.com%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&nf=1
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c6841ac4a555d56aba69a9c34c3aa35b8294c193e7b391f0b4d4a9c05459ae04

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:18 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[FR], RC:[IDF], CN:[EU], CIP:[217.138.207.148], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://crooksandliars.com
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
28
expires
Sun, 21 Mar 2021 12:02:18 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.160.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
292699
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/292699
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 21 Mar 2021 12:02:18 GMT
X-SpotX-Timing-Transform
0.000318
X-spotx-Exception-Message
SpotMarket execution was halted.
Access-Control-Allow-Origin
https://crooksandliars.com
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000497
X-fe
052
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000042
X-SpotX-Timing-Page
0.016195
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000346
Last-Modified
Sun, 21 Mar 2021 12:02:18 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-Mux
0.000309
X-SpotX-Timing-SpotMarket-Primary
0.004785
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
X-spotx-Exception-global_blacklist-Message
The referer 'crooksandliars.com' is blacklisted.
X-SpotX-Timing-Page-Misc
0.009860
X-SpotX-Timing-Page-Exception
0.000023
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.004785
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN (),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
c608cfb7e1953eebb51ed8410a0c4a063bbc777dc20c63867b15f36b66edeab5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:18 GMT
X-Proxy-Origin
217.138.207.148; 217.138.207.148; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.70:80
AN-X-Request-Uuid
0e0384d0-0dd3-49fa-8218-537bfefa1155
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=20615038&referrer=https%3A%2F%2Fcrooksandliars.com%2F&us_privacy=1---&imp_id=1193da26-8ba6-45a5-9fd5-4c2469c87ee8&cb=1616328138451
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN (),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:18 GMT
X-Proxy-Origin
217.138.207.148; 217.138.207.148; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.44:80
AN-X-Request-Uuid
cf4a6245-0437-4b97-9c21-2949b107cc76
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
rtb.avantisvideo.com/api/v1/usersync/ 		57 B
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/getuid?ssps=3
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6cd4f33dc771a78d4069b7ccd94aebeb138e048a6df73a47f799af5666dcba4d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Mar 2021 12:02:18 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-download-options
noopen
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
content-length
57
x-xss-protection
1; mode=block
getuid
rtb.avantisvideo.com/api/v1/usersync/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/getuid?ssps=3
Protocol
H2
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 21 Mar 2021 12:02:18 GMT
vary
Origin
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
getbid
rtb.avantisvideo.com/api/v1/auction/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/auction/getbid
Protocol
H2
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 21 Mar 2021 12:02:18 GMT
vary
Origin
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
getbid
rtb.avantisvideo.com/api/v1/auction/ 		11 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/auction/getbid
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Mar 2021 12:02:19 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-download-options
noopen
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
content-length
11
x-xss-protection
1; mode=block
3
rtb.avantisvideo.com/api/v1/usersync/setuid/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=$UID&suid=b0af586d-81de-4a36-b523-804801c3316c
  • https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=1334090924265010990&suid=b0af586d-81de-4a36-b523-804801c3316c
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=1334090924265010990&suid=b0af586d-81de-4a36-b523-804801c3316c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:18 GMT
X-Proxy-Origin
217.138.207.148; 217.138.207.148; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.83:80
AN-X-Request-Uuid
9ebc5c27-efcf-4d2d-bfa1-1a8d6520071e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.avantisvideo.com/api/v1/usersync/setuid/3?uid=1334090924265010990&suid=b0af586d-81de-4a36-b523-804801c3316c
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 21 Mar 2021 12:02:19 GMT
content-length
2
content-type
text/plain
cygnus
htlb.casalemedia.com/ 		24 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&r=%7B%22id%22%3A%2225c7e7974fa759%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222685c481dfabccb%22%2C%22ext%22%3A%7B%22siteID%22%3A512884%2C%22sid%22%3A%22375x211%22%7D%2C%22bidfloor%22%3A0.55%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22skippable%22%3Afalse%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22w%22%3A375%2C%22h%22%3A211%2C%22placement%22%3A4%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcrooksandliars.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22name%22%3A%22RawStory%22%2C%22domain%22%3A%22rawstory.com%22%2C%22sid%22%3A%227870%22%2C%22asi%22%3A%22avantisvideo.com%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&nf=1
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b1459305b24ea0174e5b2f082512891f682e5d9dca976854e2a54a6f116baa7

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:20 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[FR], RC:[IDF], CN:[EU], CIP:[217.138.207.148], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://crooksandliars.com
x-cs-client-geo
28
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
28
expires
Sun, 21 Mar 2021 12:02:20 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.160.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
292699
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/292699
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

X-spotx-Exception-RESULT
exception
Date
Sun, 21 Mar 2021 12:02:20 GMT
X-SpotX-Timing-Transform
0.000271
X-spotx-Exception-Message
SpotMarket execution was halted.
Access-Control-Allow-Origin
https://crooksandliars.com
X-spotx-Exception-global_blacklist-RESULT
failure
X-spotx-Exception-global_blacklist-ID
SPOTMARKET.BLACKLISTED
X-SpotX-Timing-Page-Require
0.000280
X-fe
061
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000021
X-SpotX-Timing-Page
0.008404
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000274
Last-Modified
Sun, 21 Mar 2021 12:02:20 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-Mux
0.000320
X-SpotX-Timing-SpotMarket-Primary
0.003539
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
X-spotx-Exception-global_blacklist-Message
The referer 'crooksandliars.com' is blacklisted.
X-SpotX-Timing-Page-Misc
0.003665
X-SpotX-Timing-Page-Exception
0.000018
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000016
X-spotx-Exception-ID
SPOTMARKET.HALTED
Access-Control-Allow-Headers
X-SpotX-Timing-SpotMarket
0.003539
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN (),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
2ce4c955d9c6e0e05ebd21e3d0de0978b748ebdda95936e1f87b53155b5bc49b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:20 GMT
X-Proxy-Origin
217.138.207.148; 217.138.207.148; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid
c9fb619f-b8ef-43bf-bc00-f23e91089852
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=20615038&referrer=https%3A%2F%2Fcrooksandliars.com%2F&us_privacy=1---&imp_id=dd1242f7-3f71-4d52-a1e6-f17ad40ff025&cb=1616328140001
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN (),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 Mar 2021 12:02:20 GMT
X-Proxy-Origin
217.138.207.148; 217.138.207.148; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.109:80
AN-X-Request-Uuid
7b4460b6-7557-473d-b60e-63bd6a8a4cf7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://crooksandliars.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
rtb.avantisvideo.com/api/v1/usersync/ 		58 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/getuid?ssps=3
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
be53de2f9f3c06495a864e0fee7259beabe8f15d10e268509c3003c762128013
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Mar 2021 12:02:20 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-download-options
noopen
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
content-length
58
x-xss-protection
1; mode=block
getuid
rtb.avantisvideo.com/api/v1/usersync/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/usersync/getuid?ssps=3
Protocol
H2
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 21 Mar 2021 12:02:20 GMT
vary
Origin
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
getbid
rtb.avantisvideo.com/api/v1/auction/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/auction/getbid
Protocol
H2
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://crooksandliars.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 21 Mar 2021 12:02:20 GMT
vary
Origin
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
getbid
rtb.avantisvideo.com/api/v1/auction/ 		11 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.avantisvideo.com/api/v1/auction/getbid
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.227.155 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Mar 2021 12:02:20 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-download-options
noopen
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://crooksandliars.com
access-control-allow-credentials
true
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
content-length
11
x-xss-protection
1; mode=block
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/the-pun-cr.js?tagId=3&id=419955f2-1ca2-4dd8-a68e-332882485bbd&subId=&callback=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Sun, 21 Mar 2021 12:02:21 GMT
content-length
2
content-type
text/plain
dc_oe=ChMIiKbfu6vB7wIV_cO7CB010QjJEAAYACDwkrBE;met=1;&timestamp=1616328141125;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 400C 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIiKbfu6vB7wIV_cO7CB010QjJEAAYACDwkrBE;met=1;&timestamp=1616328141125;eid1=2;ecn1=0;etm1=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIiIjiu6vB7wIVUUHgCh2lfguREAAYACCutI9E;met=1;&timestamp=1616328141172;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame FE9C 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIiIjiu6vB7wIVUUHgCh2lfguREAAYACCutI9E;met=1;&timestamp=1616328141172;eid1=2;ecn1=0;etm1=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Mar 2021 12:02:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1175d3d2-723b-4923-812b-60c977d6fb38.jpg
img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/7fabf066-9119-47b6-8d5a-54f2dec2ab75/1175d3d2-723b-4923-812b-60c977d6fb38.jpg?crop=373:281,smart&width=373&height=281&format=jpeg&quality=60&fit=crop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dc67b05c5b2edca5905fba0e3d3d02dd9610aa3c12854a2cbdcd96eaa03f0e72

Request headers

Referer
https://crooksandliars.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Mar 2021 12:02:24 GMT
content-encoding
br
age
13405
x-cache
HIT, HIT
fastly-io-info
ifsz=58330 idim=1200x674 ifmt=jpeg ofsz=14770 odim=373x281 ofmt=jpeg
fastly-stats
io=1
content-length
14369
x-served-by
cache-mdw17324-MDW, cache-cdg20741-CDG
access-control-allow-origin
*
x-timer
S1616328144.431114,VS0,VE1
etag
"r4excZGcMtvI25SZHhc/Y8MVfWIGfNJpHQwDzGzPC20"
content-type
image/jpeg
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31557600
accept-ranges
bytes
x-cache-hits
2, 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bids.proper.io
URL
https://bids.proper.io/api/bidding
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
ssc.33across.com
URL
https://ssc.33across.com/api/v1/hb
Domain
bids.proper.io
URL
https://bids.proper.io/api/bidding
Domain
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
URL
https://4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com/safeframe/1-0-37/html/style.css
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEPpYfvt59q5G-3h6jd47fbE&google_cver=1&google_push=AQvitULFZYyNCKGYw7Qdk8OFVbM_ykGVaqpIu6TkqFyAhnZ9NdC4iBHX_Jo6PAUzw5KnTHtJdt_iQRLR5mtPKDetYVsuQP3ZBw8

Verdicts & Comments Add Verdict or Comment

241 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| admiral object| googletag number| IsClAdmSub object| CLAdmiral object| dataLayer function| gtag object| Insticator function| fbq function| _fbq object| OneSignal object| propertag undefined| script object| adsbygoogle function| cnxps object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map object| teadsscript function| setImmediate function| clearImmediate object| insticatorQueue undefined| embedUUID function| checkAndConfirmEmbedUUID function| embedLoad function| appendEmbedElements boolean| headerTagInjected number| insticator_tg object| google_tag_data object| gaGlobal string| GoogleAnalyticsObject function| ga object| cnx_usr_storage boolean| payload_loaded object| gaplugins object| gaData object| InsticatorApp string| insticatorHeaderCodeVersion object| PWT object| instBid boolean| insticatorIframeLoaded object| confiant object| apstag function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| teads object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| properSpecialOps object| _qevents function| proper_log function| proper_debug_console function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant object| TraceKit function| UAParser object| device string| SYNC_ENDPOINT string| NON_MEASURABLE string| ENDPOINT_TEST number| accountId string| nm_div object| nm_script function| instBidChunk object| _pbjsGlobals number| sc_project number| sc_invisible string| sc_security number| sc_https string| scJsHost function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ZERG boolean| apstagLOADED function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| requestType number| timeout boolean| edge string| bidder boolean| withCredentials function| proper_76f22ac1_d47332f1_1 string| proper_ad_page_uuid string| proper_ad_session_uuid object| x function| proper_34af668f_8eb63ee6_2 function| _statcounter object| ua_result object| revcontent function| renderRCWidget function| revCriteoRTUSCallback object| Drupal object| CLMediaPlayers object| CLDialog function| tb_show function| tb_remove boolean| DDHasRun function| $ function| jQuery object| gaDevIds object| CLPopup object| google function| clarity object| ads_list object| embeds_list boolean| isPageviewSent object| bouncex object| FB object| __twttrll object| twttr object| __twttr object| core object| regeneratorRuntime object| InsticatorCommenting function| onYouTubeIframeAPIReady object| json4007873 function| 4dm1r11545242527 object| cnxPlugins object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| avntsWebpackJsonp number| avnts_player function| avnts_pbChunk object| avnts_pb object| jwDefaults object| webpackJsonpjwplayer function| jwplayer function| splitIndexSlots function| isSameSlot function| clearTargeting function| cygnus_index_judge function| cygnus_index_parse_res function| cygnus_index_set_targets function| cygnus_log function| index_render function| cygnus_copy function| getSlotInfo number| cygnus_tid object| index_slot_to_size object| index_slots_render object| index_slots_add string| mantis_uuid function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie string| bcx_vars function| close_bouncex_ad object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager boolean| offsetUnitIsPercent boolean| isScrollingUp boolean| isScrollingDown boolean| hasReversedWaypoint boolean| hasCrossedWaypoint boolean| crossedWaypointDown object| admrlWpJsonP object| GoogleGcLKhOms object| google_image_requests function| cnxAddEventListener

4 Cookies

Domain/Path Name / Value
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-bTfb4Xlw43QOm26Fr7DOWghy&KRTB&23212-bTfb4Xlw43QOm26Fr7DOWghy
.pubmatic.com/ Name: PugT
Value: 1616328135
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-6942076479455230101

17 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/fe0b59aa-e3f5-45e6-b63b-afd37926378e.js(Line 166)
Message:
dom not ready, set up listener
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
GDPR CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USPAPI workflow exceeded timeout threshold.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
GDPR CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
USP CMP not found.
console-api log URL: https://global.proper.io/payloads/latest.js(Line 1)
Message:
GDPR CMP not found.
console-api log URL: https://crooksandliars.com/(Line 1283)
Message:
SENDING: xlg
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/fe0b59aa-e3f5-45e6-b63b-afd37926378e.js(Line 451)
Message:
topFrame: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/fe0b59aa-e3f5-45e6-b63b-afd37926378e.js(Line 212)
Message:
params: [object URLSearchParams]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/fe0b59aa-e3f5-45e6-b63b-afd37926378e.js(Line 331)
Message:
Cookie enabled, set cookie
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/fe0b59aa-e3f5-45e6-b63b-afd37926378e.js(Line 297)
Message:
session: [object Object]
console-api log URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/bf354797-2feb-4d2a-ad39-b31b027bc5f3/fe0b59aa-e3f5-45e6-b63b-afd37926378e.js(Line 407)
Message:
Send pageview now
console-api log URL: https://d1bvk193qme2fc.cloudfront.net/script.js(Line 1)
Message:
formatedPageview: {"timestamp":"2021-03-21T12:01:58.486Z","user_data":{"session_details":{"id":"9fb53528-c77e-4a53-9543-5ac336863e07","referrer":"","campaign":{"source":null,"medium":null,"campaign":null,"term":null,"content":null}}},"embed_context":{"site":{"id":"bf354797-2feb-4d2a-ad39-b31b027bc5f3","page_url":"https://crooksandliars.com/","hostname":"crooksandliars.com"},"environment":{"device":"DESKTOP"}},"event_data":{"type":"load","data":{"pageview_type":"HEADER_CODE_ONLY","integration_type":"HARD_CODE","ads":[],"embed":[],"header_code_version":"STANDARD-V_4_0_2-2021-03-19 23:16:28","test_group":"0"}}}
console-api info URL: https://cdn.ampproject.org/rtv/042101130138000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101130138000 https://crooksandliars.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.playground.xyz
ads.pubmatic.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.com
adservice.google.de
adservice.google.fr
ap.lijit.com
api.bounceexchange.com
as-sec.casalemedia.com
assets.bounceexchange.com
assets.newsmaxwidget.com
aud.pubmatic.com
avm.avantisvideo.com
b1sync.zemanta.com
b2c.insticator.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
biddr.brealtime.com
bids.proper.io
blueamerica.crooksandliars.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c.statcounter.com
c1.adform.net
capi.connatix.com
cd.connatix.com
cdn.ampproject.org
cdn.avantisvideo.com
cdn.districtm.io
cdn.jwplayer.com
cdn.onesignal.com
cdn.undertone.com
cdn1.avantisvideo.com
cds.connatix.com
cm.adgrx.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
crooksandliars.com
cs.admanmedia.com
d1bvk193qme2fc.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
d5p.de17a.com
df80k0z3fi8zg.cloudfront.net
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb.proper.io
eb2.3lift.com
ecs.mantisadnetwork.com
eu-u.openx.net
eus.rubiconproject.com
event.insticator.com
events.avantisvideo.com
events.bouncex.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geoip.insticator.com
glisteningguide.com
global.proper.io
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
green.erne.co
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.3lift.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.getadmiral.com
images.newsmaxwidget.com
img.connatix.com
img2.zergnet.com
img4.zergnet.com
img5.zergnet.com
js-sec.indexww.com
loada.exelator.com
mantodea.mantisadnetwork.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.prod.bidr.io
match.taboola.com
mwzeom.zeotap.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
platform.twitter.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
propermedia-d.openx.net
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
rtb.avantisvideo.com
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s8t.teads.tv
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
secure.statcounter.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
soapps.net
ssc.33across.com
ssp.behave.com
ssum-sec.casalemedia.com
static.avantisvideo.com
static.newsmaxfeednetwork.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
syndication.twitter.com
t.teads.tv
tag.1rx.io
tag.bounceexchange.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
trends.newsmaxwidget.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
usync.proper.io
vid.connatix.com
visitor.fiftyt.com
www.clarity.ms
www.crooksandliars.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.zergnet.com
x.bidswitch.net
4fafc644e94ec98f659c88d21ff35487.safeframe.googlesyndication.com
bids.proper.io
google2waycm.netmng.com
ssc.33across.com
104.108.50.124
104.16.190.66
104.17.120.107
104.244.42.8
104.76.201.56
13.226.158.204
13.226.159.116
13.226.159.129
13.226.159.18
13.226.159.37
142.250.185.130
142.250.185.162
142.250.185.98
142.250.186.162
142.250.186.166
146.59.148.16
150.238.37.130
151.101.114.49
151.101.13.194
151.101.194.137
151.139.128.11
159.253.128.183
159.65.197.210
172.67.38.97
178.250.2.131
178.250.2.151
18.158.93.70
18.185.167.149
18.196.104.43
18.197.47.23
184.25.115.49
184.30.20.185
184.30.20.198
184.30.20.241
184.30.21.51
185.29.135.226
185.33.221.13
185.33.221.89
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.64.190.81
185.86.137.131
185.94.180.124
198.148.27.139
199.232.137.44
2.16.107.56
2.16.107.75
2001:678:cb4:bbbb::11
213.155.156.182
213.19.147.151
213.19.147.210
213.19.162.41
216.52.2.48
23.37.38.181
23.37.42.132
2600:9000:2182:1000:1:a3fa:7cc0:93a1
2600:9000:2182:1600:1f:2473:9080:93a1
2600:9000:2182:1c00:6:44e3:f8c0:93a1
2600:9000:2182:9200:1c:386f:ec80:21
2600:9000:2182:c00:10:3422:3f00:21
2600:9000:2182:e200:19:f03c:7200:21
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:1957
2606:4700:3034::6815:4466
2606:4700:3039::6815:c02a
2606:4700::6811:4e22
2606:4700::6812:c05
2606:4700::6812:e234
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:1ec:46::19
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:800::2004
2a00:1450:4001:801::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:400c:c0a::9d
2a02:26f0:6c00::210:ba40
2a02:fa8:8806:13::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.122.89.158
3.125.99.7
3.126.56.137
3.141.58.182
3.217.41.235
34.120.253.250
34.192.170.233
34.95.65.255
34.95.69.49
34.98.107.212
34.98.64.218
34.98.72.95
35.190.0.66
35.190.74.49
35.201.84.252
35.201.96.126
35.210.53.219
35.227.229.34
35.227.248.159
35.244.174.68
37.157.6.253
38.27.122.126
44.237.126.120
50.31.142.63
52.0.218.160
52.13.149.62
52.142.114.2
52.203.30.237
52.214.43.215
52.22.134.82
52.22.61.253
52.29.191.126
52.45.55.28
52.57.135.36
52.59.160.25
52.8.50.232
54.148.227.155
54.197.97.75
54.228.192.197
54.244.32.41
54.77.239.84
54.78.254.47
54.87.192.123
63.251.232.170
63.33.123.138
66.155.71.149
69.173.144.139
72.21.206.140
77.243.60.138
85.114.159.93
87.98.252.5
88.214.206.142
013155683600f0d286333f6e450a1583f30ad2aabc884df3386932a53de9804c
02bfabe95cf42ad5b3945580cc578f85c01056d0a0e16628cb6e4476d9bd3a9b
02d3139d9930000d7ac0590a61c938c24a47b96b998669637c08669166f95f9b
02f77c0a6d24815b92b531ae261cfbc0f39e63f8795fd3e21809a3a224200b8d
034815d675804b81de0426a5427d1e7a19ab167d1dec3d0e99f8f5d4433fbac7
036d3acbb3e39c869492f973fbf9aaf3131d43276eba81ae4f28f895ccd7a5b3
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
04f6abfdaebd7170b5c22848a8ab4f2a5e9fcd76276d5de379d5ab0f14645fb2
051025522b6efc405929fb00ccf5e7bf3fc5d38cf56cf38f51d0ffa896938376
069be4863b4b0b91ca87b34d915d1690fd727d28dc07716cef16832782358c6d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0852f70cade68133654a89906c057fe93240aba1027c8808be21cb1a6cc827a4
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c526bee37bf8a96108c109c860b5c5023377163313de3890cbd2ccf50990f34
0c6e1ba051ac7bff8e5dc3a62d20e1df3868f3421ac5e1df5102f85f817db0bf
0ccadac47f8db7d9086cb5d1a3230580ee43e7db056734068ce3785376e90500
0d415b8bfc829cb9207cab9fb79ec1614a5c66de12fd42b6446451232eeaa502
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f3fe98eee6a27b1b2c46220b8ce6180560c1f1ba145a2b381feb43d729f6f28
0f6e274248556142c8168d15b17294dde141eac98963a5cb076f263c7c3caa34
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10e0e8557bd1d3ed1b1bbfedb57421ac0527cdc4e926f7f07188330848fd626f
11389f87b6ac19653ac923a2a6deb163b41f1d703f16e1b8fc329b50f537eb61
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12e41081bbdc7d9dd4feb3b354ef079dd35af005df77b2a691eff83d523b9583
13b1c4180a83ae550d826fafc987187ef8df5cee704f7a84739c4de3abbff358
14ed5d0f091e1f7c4dfd96ae727834123d840dd35a6c9910c78a1f46e4aa41ee
150ac46705ccaf733372fa01a038ca6ed5ea2b763bea0a7e462e02841c6bfe16
15d32fc474c2bdef791fd73e76fb57188710bbf2469070a22869d58d09b721ab
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030
1854c63de10b087c936f562feca8eeba8a1697f5a885803140d76ba885083bbc
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
191ce7487d377a2fea7e89a32a3da1b58533f930ebc05f989f195170f8bac6ff
19ca57771efc8e428a80bfa166b06efdcb1b0dcc38712b27d4f1d16476ca6ec8
1be60b5a71bfa25af7110940b8d511410b158a723d455f72dd7c4ad89b674d68
1c898a2e3974c68708e2d5569e522f376dcf19c627de3718e3ce18d26772bda8
205c0957c7659e11e8922b1897eb462bc05384d34ecc6d4d2750c55fb49d42ee
209d91feeb526790476ca8c890810031e505b939f8adc12af3aa624f223118d2
20a8d1ff19828fabaa37c29d7ea131752f7a1b2d691a4eda578427df7af10456
218e015f40ed1518e21e7256b12087e2852c2deed5d8a9f956457cef4de1e775
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
239bcd0c0ce43a6d89d495b5bf56e309b6b3c4c2c8f1bb33a18d38575ccc2f3e
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
25b423f1a34ee56ef4169baf7b2f294589d37f7536bd225a34b757f0f8ea5f41
25bdc561b0e244ac740feddb2e7291868609c7664c46e96b9fc100b4f0e26f4f
261f4292ef01c3dca7ceab13dfdec5c006c4690166ed36fa3d9965d863ebc531
265bc239708f74bf4e51ee68b548578e06c90cfcca055767cc10bcf0ec3d1523
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26b835c4de69cfbb58fa5673537ec4d42c30cc10c4d65867178bdb0855f296ba
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bbe36941b65150eb34cea6566327c74802cf4c6770592ba0bb250e36f6f54be
2c19d6f7691358efa1d92f802a1c111754ef8d35e87539fd6a0b9cf46e8c9029
2ce4c955d9c6e0e05ebd21e3d0de0978b748ebdda95936e1f87b53155b5bc49b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e2f8485434c1dc7ba8426b78bcdcce5d13462028693bc1b749957ef88909763
2f2cdf85ccbcabe2777b8136d624ecf41a21a4b8e58e116b2c01c13b938d95c3
326ba52a61b90ab026617a00a08630dbbb62ade006ae67265f0a948735c3df21
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33701a2561cc89de20d8cad0c6d2835eba8af778c156b4cab67a560ca01fd3b4
35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38f4cafad6d235a057eb945e6f6e0cc55bb1a34eb0a3c77acc216df43db1221d
3931f49f4a0e63b23a12c23aed652699b116d40915e417ac3eb013a08e98c582
39c1fc98599a6003d039bd133e2bef6837dba8cd2105bbca50bc7753523e2727
3a08a1024ea68f14a28ccdf100d6bf5d1699b483bce434713f222016b42ebcf1
3cc79108f0e4310968c51d8cd437f76e2a0ae0605225f97cfceee3771205f0a4
3d2071a311576a54fb725a98e3a5c098fb83f23eb807fd9e99656735f881a107
3d52a1481cc0df7232efc072d18aa863f979b6ce1f101ef923d6a750eb60763e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed187fce049e12b677b4eafc7583020750d7b6dd71c70a0fd028dda6e3da77c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
437b19e621e441f57b0b9d437de90b4038a4a7c7b9b98671113dc8a9a1ffe824
44bfeb6f3e9384c527c6e9b5a3761b341cacddebbb4f59d7af3d4347cc890795
4605d4fa553d68a48aeed6c35e93e7a7c8dfa63c35683ca6ea04dcab48a5fc2a
47998b8a599a597274cbfef4a5070c786f5dabf9dd8dd4342c9e6b786a82dc2c
47c7d192fb17655dcaade4cb628c09cbcdd270eb8807c4bb061c31c6fa416df7
47d7700c59c5501f6dc6c7a3c7537ba80bba6a64054c5a0f14916219dbcd7eb4
47e7164f5ed832383ec96b33c61bdd7708cd670865e10c228f81a7d08fdffc70
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
49a86948f3816fc3471b1bb7bbcef93d16d933b71c112fd2689c760003add41b
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b1aa47dc36e365ea5cfabfd1f8ae8721acbef4e91ee53dc4160e8e424ae830e
4bb8f2ce32e9511e86546ec558e1b26b89a6db7ce5a0414fd90dd269a3df9c52
4cf8ea85c00336436b411304871b73b23f42b4ecf7a6cfbed1481d5e61a24b01
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1d09387f62774dbb03e6b7c8404f8ccadb06a747b60571f8f080213820cab9
4ea6b8f377d11a2df7a9e07d4e81cf9af1b00fcebef57f838ba3e40c4e7cd8cd
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5074fade910f40c6d3d087a1ec63ff87eabf176ef237e406657ba7a3600412fc
5094984b3a572003ae6efd05e94b4313419d918d25f67580b2d49b0b65a44586
51d97fe52e2acd6a1b8826fa033f56737ab4a23dc65ee4617fe4139a4c1e7264
52f92343631b055fb6a93a956f73ed600f825d9cf50ad8705c25395b6da72fbf
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cd1be1701f6b8897588512c0fe5f88bcd78731a51f5c06877264a8b5bf0d0b
5577d87908fc15b3c7e5aa896b227ccb8a41541a438a8d0facda136b811c7f3a
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
577fdb0f21509705782cfdb305599f77041c691c59eb560cdcca08f3dbb7502b
57e5069f5f53365a4edea596e090a79ea505dfbf69f02a9290ee8a17adaee23b
596e15b10954cf1951b9262cc881640a7615eb2835ac54ca34006c35438ee1b8
5a6fe2b43f3b2ba33fa7f3458cee544586d9e0bf2ddc080dfd1bd0a0f6f47bcb
5b1459305b24ea0174e5b2f082512891f682e5d9dca976854e2a54a6f116baa7
5bffa6ca408fa13b4e8975cb53c23ad4ba0254e2eca7eccedcf27f9a51f9d908
5cc2c3810e4b3c6f15f7399c87afc16b4718561cc4ccbfb2de6ed1d2491ecda3
5d0886ad4e02a958c119d183ad3130a3b76e5019426388640b420d58563de08c
5ec3273a84b712c9588f71abe59bb1d8e26e692d5c98c5ddb732a02fb85f8e90
5fae6c2098dea78ab9a98fe7a91f64b6c7a848d9c2fa8c996847263f0f230c26
601ecef6383d02e04903fdf3dd7cfdd968fb09973e39f74b583eb7b9773e8f0e
6260deb404a9c1bf06382fd64771ba9431395c0c51853ab82f84c21797b11d98
62b1cff44a5e34b9587ad49f7ca951160f1559c5c545bcf99e13574ccaa5425a
62b4fc1f9ae93a7af35ccd6ab10e211c36799230b77fbc78066e6b023bda6705
631e430751c0f564d0f750d71c76d450fc31d8e9994cb6f5a077e65746061993
67285ce4e1875aad5c46db74e433565d15221806b24ca2a24a219e202b5e19e7
674631006d66a8e3ef197f47254a1856b96120fefcc4985a15c5b53b090a66c5
67667b7ee9688067f18161e446e08a8d676b84a9e9229a458bc4ef9a0d6621bc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0fecf492100d6d7e5a9c7304568a837f3e045903964c3a3cfd3d579c5e2c38
6cd4f33dc771a78d4069b7ccd94aebeb138e048a6df73a47f799af5666dcba4d
6dbfc676ffc58261e482dfc6072f65837e6414cd871e21046bcf9625dd770a20
6ee7edbd2cfc07cce71309592739315a3fb7667db35fa483a5de1c5c832f4581
70d82c6075989e0082b4917c6685f5f6bec1e673d0a80160eac61b3f1cdcb1a1
711d2caf54c6729d02ce6e3d1fcc75d43986d0890947ba9326c2a07d13b54823
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7368f08017265b81c952de306512f79bdac018b2d28d1ac8f0daf4796ee31b05
744bd7908cbcc71b35dd9a449fc7023a4d8dd7a3e09f2f9fd94517e4856964f2
763e34b6faeec7c983f38c580d9cbb29730484b1d4910697ccd4da614b8a1556
767996c272e869f577a9f0706515a74089bed9863e9f0a58529303d57a55c94d
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
773113a8993ac672bea6088b7db6c332c65cc8b7da1a258072d9efd35d91e650
7ab14562049be187dabab3daec1d60f07fe5630c43e34e132ba6e85ab7448b5a
7ab5c170c1ba95ba833132b1e178a71f37e24332cc06cfde528679ad9fc93d4f
7b48f9320b3f5c50c22caa8222f39bc45ee9a93eb79771a2d8d495eabd514486
7c305d8aa97f10c8701013e9ab04390f7e499fae24533ff4440c245507e33888
7e094b98f2648cb47e6b8837c16315a438e81a9d7c64c5e2b13ee3b8c795902a
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fe20f95e6eafcb276f426a630c8be4930f840428eb0a9ccdb9b979fe2ab8b0f
8242cc459e8ebb0fd280d91e3751ff6b55cb96a19e89f4e84c2aa0e843227b28
82d8c0f4570d34a35aa40ed053b4dcdeaad91506071454c997dfb3e5457dc852
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8363f4dcb892da78482b91a16f71f9b863a7fb3e406427662eecbc2e76d086c4
839b41dd475d143b31c479aa6e666b8deb648b293ee93e67071222960f2b75cc
8418203f6ad21d8aa71baba1b849f312a50e38580bccfbbb7d6f7f7eec16cbdb
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85442ce38509361f806c88309ba7c5bffabc3d758c83d40ad183a850e4effb3e
859ca7429f8beead0569dbabc9bbcf30dc37a4a0276e68ef1e8638501f636086
8660aee083a5dbfdf7dd59c529c411bf60bf5d076903af961df89543bd379871
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
878ba99f69a7097fca4a1a62587981e40667d6d846ef676391962e1a31e03366
885c615e9ccaa2c24fc8b6d90307c1b8b5dbac5d94d05274ca47a4f47f82a117
890d57381ef87ad79a04ad9569e462d413fb751e348912caa1a2b8c8517483dc
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a0497244e3e9dbab0903339a7651b3805b2bef76f812b3a1444f773e3e436e6
8a560c952162309d8a119c1667ac9efb91dceca2d216338aaf62c67784b2b972
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8bdff3474a2489fdebb5d89b7d8306de879cccf19c19c035f3e0874058a9247c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f9a92e2e658f7c4de816a451a6614eab60e4b0ed631220a9fb724fcb3082a89
927d8ab13bff99294f645415cb2d0ac64b228e681579948a88fc3fdaec5d8b25
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
9538f4e06a909fd490228a56f9704dc2b3381416ccff7c9aa169b6ff7fc54c15
95953fc08807345d363b9c6f2f2e8ee046c4a3204282eea7b7c9e3d5b150207e
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9701e9e558ff961dd9aba76d28a6e0a30c9109e0f10de723900f3c95f850ab88
9771bb018b89d73235e7d0d438119bf0f9d79e82bac5e9d17f3d4fbe34d03ea1
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7
98c6e0838ef56e75a3d90be996ca6e47d87483fb9d7b4148cdd56acb7b133cb8
98d99f501ee43f01c2bf8c2ccd679113602540d1accdf63b5b661c98d29df3da
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a26d75c5454f91bc18300607c0aded99edd665bdca5feaab82b469994d4543f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c85766d7829d100be7b0101187341d5402c983ec04c8dbbd9629c37f6f5497b
9e21a3b79278b8f7457f6ad1d355bdfdcb9029cec18fbe3d756a49edad50bb61
9e29ebe2abf5f68a963f7d37876bbdc6ce939730f3f63dee01bab95638ca467f
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9e9179c544e6f6675a4d39df7d77f2d57a39028f218c84246c369a686d5c1341
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2672f5bcb380c864cbadd95b0916c27ff90f70426e4b9db12c167c68ba58bac
a2a888d43fd28422a665bbe2d732a247b1e25bd0de93601651f58216a01cc200
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a65f2d615afa144bc37870717e3c3054c84cbcb4d44682ed3d710134d3e15850
a6d01915adc7ca4afb99537d62f00e7fe7ac24a4af07d4f7ad5630e6cfcdf962
a89a30449550d6379b07031dce97050f1a7b7279bd59c4322238955d40ef5852
a8d227efe0ef553cba37d86bef6e44598dbf9bd9fad3db2582b0ffdebdbd6138
a99f6f159973dea250e82a14f46bfd4ae8b3ae76436e64cb47cdcede6bba8474
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
a9efa80402f8abc54393bba5766b171b6b140db2348f5c1e8c43481caff89802
ab11582980d53ae863dde75d89faaa1121eafab0e2ca021961c7f1edb6bb4534
ad0b90ad7694b8d25d23dbb689bf96fd9a12a9ac6153b0ef83c292d45f9c8f6b
ade8431495c374af2d6164cd2e020a9e6363ec0d9ccf5557c75b09dd88ec2c67
aff21e44b272dbfedfdf6135ab0d357e2a8fe13ba94c6bba2205d75eb890dcf3
b0527d89a1052435038e9c6bc1edda47bd8214bdcc7e277cbdf95eb16e80b965
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b2f63edf41c2dd793b54f1a0c1c35bc5ea6da64b77c7fe9e322151489a5a7a98
b48646c2bc28d9bc49ad2d43d5e01d3227672c562b9a4687d40a1237ac43cac7
b6217edd694c006c2b286c762cf1b9e8184b134c0e06cf6fbb4fc5daad9cab7e
b636e945e7a51dfdac0a86a3329e1369f03597b4e5d7b0218c3b6710ee918e92
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc
b812b97d1e2f7ca8ae8391aca9bf10e2e154db8ac62bd82bb8e6990d86bf289a
ba1ab31c0baa328a01132704ed3c7f669e8e92485a64517ae1b0cc3ecb67029e
baf2c8403dce822be9964189b255c6bf6b435e0faa0e84c668c11712f3605aab
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba7e1e38dfcc2787ad5e4958a3c8d4cb556c1c58462d24ddab7d9d9e1ef84ab
bd5a7b1df39d558cecb2ba42ecdc8d34b8bb617dd05819ca58d05d885def2333
be53de2f9f3c06495a864e0fee7259beabe8f15d10e268509c3003c762128013
bf1c68d3156677255ee3a98ca9ff3d2e89c5fd0e4b8c94dcad27c9eb7c76605e
bf3b6cac3c99b6d5f97ac952d13e9cd4cc48a51c5c518cdb95046bc2d1516f34
c0c53aa097fc11943ee02bfc1c3330b3b729d84608d34dd8433ecf58a3ce691c
c1e4e9ef2b4636c9e35320960b211ad3f8892bba03b6699c40fde89c0a53e697
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2d61dbcf89212fc5395085521d264e5648ecf868dc9950ba3ea14a777102870
c35fa444a75c5b5493ba609fb5f26e9fea09551d46b74050779a30f6ff7b3873
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c48ef7892fae321ab52273fa503aff2fed65b1e18c6fe03acba522a0850ea104
c4b3f86a3cf1366a27fbaf08dedf0eda453e86094cf2071f4fed15c866afc870
c507d4f136f4f8f4be277f9b03c9cc81f8d9ea2db9d17a93e1354703021c6183
c5086d4f97bc3ee70971c51e89fa6ae25ff054accec7c4e890b1083ee7bcc9ab
c56e46c9c8ed096f208a34b0ac5699c978f59dd3272aff1c155d41c5615f6ead
c608cfb7e1953eebb51ed8410a0c4a063bbc777dc20c63867b15f36b66edeab5
c6841ac4a555d56aba69a9c34c3aa35b8294c193e7b391f0b4d4a9c05459ae04
c7198ff46351c479ae06edd5bef332d6f9e2ba46373a153c4401172b606b36e9
c72f900e7d117da069701bc938dc3c72f6406fccf79d4a8cfcc6c239e8cea977
c8248dfde9b3481f06d50cc97642f44db7604e93119b317ea35d1bb5d900c448
c92d8e0768f7e692715c3bc8625e0b0b7e0d894a33ebfc89ffb7b4493f06e410
c9c983531d4702a3ee0f87fbc9387fea952e8a521c8ddbfa49f1124c90bf5db6
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
cb761113af185bd5089d7e40f9bc119ea8c60738e03e0b0c5c53253d2b62af84
cce254c8ee31c9c159462bfb8ea4cf14da6c522ccca004a12adaeebd3d8e2568
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d48c95e39e7dcd31ebeee1191f77770fa1cb0a4213bb84ac925406066218c841
d562b4aacc6f64a531d02f87ae4df37761081d0a3bba7997e2cca42835a61b1c
d6557d698e6629071be5da47542f295fcb2426f361fa0d4f470cc3d28137f169
d7b5ad7fd5f9f5c156c2dda9daedc77f9967c91199d66295aad3c51b6e06fd76
d85680431f6b18d6f462d4fd0166441cb06c35351adebeeb2b663fa91859487f
d931343dc7d4a27df4fe1c9ef3cd84d9c0feb61a978b00fb52c7eea6f7c2d30d
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
db399886c635ebbfa97d2eae22892462958aa92977cc5399ac6f23e379fef659
dc67b05c5b2edca5905fba0e3d3d02dd9610aa3c12854a2cbdcd96eaa03f0e72
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de1a96d073ef88b7bb7ad36228ba75ecd0a9fa573b477ef6339ada437cfabf91
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2279a6421f69524628c6605d5fea106d9fef83696e51d61b21030c26bff1c9e
e2c8e0d147d1f20477590821dcc2991b158b0ee8e27684e942f851f5a05b2c0d
e2f794ed9dbff623e26c28f7f2aa46819344bef9eaad9cb396625fdda0a00c4a
e3adaad0981dceafd37b9858e50210b6f67fa747e9fddcd62d67ed427a3574de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e78ac25678dc30c6fb628abb8225effa4ba2f7ec7e94350992ff5ef76870bc22
e7916e26498bf49c4bfc2a1b8351b43cbe67a2965d3fb0046eb438cd7d139a21
e85c814bb0d1f6b50829fb1cf2d8a0ea443d65ad2e09c94a2b6afea97dbe0301
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
ea73965c84fbe27cdbddb8824648e3062f9a01f5858db169fbbbed7149de2408
eb9bedad7a0456401637c4005695128dbecdef19980314998678a7f2551bc3c8
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb29b14b910b331fece9813f7e2b4a2940c7a94218970164f18fa2c17878f48
f16b6f2446d8033654e9a08cde0b506d305976ad691b07d997e8b5524f701b1e
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f40d9087d18669ee9be744b04156f4fca94987fc83ef80b6fed8259477ccfc0c
f4587470bc8e3130454c70bfcc853217d276e2b88f8849653689f6d0ec53d46f
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f6277b9aa39c6ae8f35ae14f1041f469ee64cdd3efa1608aea4f1db79b347c2e
f70c18497b92a05704aaf743e7e4ab50d52b4125707904a683bedc2fc57d239d
f748e45cbd878fb6cf68aeaec784ffa6a2a2605b061a7445c6fc43d09afe04b2
f7750c66177119690f634629785f32d4b7d242dd57913c0ba0e2c2c6b3b7079b
f84cb32ca17b9d34e0f2dfd288810ff67f518c0b181fdfb37c5702f1ca25bc06
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3
f8b4d53edcfea934eb1a122e3906f3ba07785e680b542922629dfe4300c1732e
fa8558bedd9ccf730199363b33d90eb722540487048e7961861e68ddb40ec9a4
fb97fdccdbd34bf2627d60ac1ed2f27fed39aea2cb41a6b73c95e24d7c86f94e
fd3490b3b74ff729c5d0c54febfed6cb72264c234910f085dff7beafdafac3ba
fd4e97254cec754fa8c045fa27ffd11e4f6942e523db1a75833025b0ea6d0467
ff326df9eb0b43dc859902087e6a786810cbacf7237dab932f817045b5280e53