Submitted URL: https://www.openhouses.poststar.com/
Effective URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Submission: On March 31 via automatic, source certstream-suspicious

Summary

This website contacted 88 IPs in 10 countries across 80 domains to perform 266 HTTP transactions. The main IP is 192.104.182.109, located in United States and belongs to LEE-ASN, US. The main domain is www.poststar.com.
This is the only time www.poststar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 192.104.182.109 10668 (LEE-ASN)
22 104.18.130.43 13335 (CLOUDFLAR...)
1 13.226.159.22 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 17 142.250.186.98 15169 (GOOGLE)
5 13.226.158.204 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 66.155.59.43 13768 (COGECO-PEER1)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 13 2a00:1450:400... 15169 (GOOGLE)
1 3 104.16.88.26 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2 107.178.250.234 15169 (GOOGLE)
1 2.16.186.51 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 13 52.95.124.170 16509 (AMAZON-02)
2 34.102.205.239 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
1 2 184.25.115.49 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 208.100.17.184 32748 (STEADFAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.166.210.103 14618 (AMAZON-AES)
3 2a03:2880:f11... 32934 (FACEBOOK)
2 104.16.39.14 13335 (CLOUDFLAR...)
2 2600:9000:20e... 16509 (AMAZON-02)
2 52.30.36.221 16509 (AMAZON-02)
2 208.100.17.182 32748 (STEADFAST)
5 6 213.19.147.151 26120 (RHYTHMONE)
7 8 108.129.45.237 16509 (AMAZON-02)
2 19 34.253.11.193 16509 (AMAZON-02)
6 2.18.233.180 16625 (AKAMAI-AS)
2 23.37.42.132 16625 (AKAMAI-AS)
3 3 3.126.56.137 16509 (AMAZON-02)
2 6 35.244.159.8 15169 (GOOGLE)
5 11 37.252.173.27 29990 (ASN-APPNEX)
1 1 185.86.138.120 201081 (SMARTADSE...)
1 2 72.251.249.9 29791 (VOXEL-DOT...)
2 2 3.120.52.49 16509 (AMAZON-02)
1 2.18.232.130 16625 (AKAMAI-AS)
1 67.202.110.21 32748 (STEADFAST)
3 3 2620:116:800d... 16509 (AMAZON-02)
3 4 37.157.4.25 198622 (ADFORM)
7 11 142.250.185.98 15169 (GOOGLE)
3 3 37.252.172.249 29990 (ASN-APPNEX)
5 5 35.156.19.236 16509 (AMAZON-02)
1 1 47.252.78.131 45102 (CNNIC-ALI...)
2 3 64.202.112.95 22075 (AS-OUTBRAIN)
1 1 3.225.15.51 14618 (AMAZON-AES)
2 3 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 52.202.125.251 14618 (AMAZON-AES)
1 193.122.128.135 31898 (ORACLE-BM...)
1 169.197.150.7 398989 (DEEPINTENT)
1 1 64.202.112.127 22075 (AS-OUTBRAIN)
3 3 198.148.27.140 19189 (PULSEPOINT)
4 4 185.29.135.227 30419 (MEDIAMATH...)
4 4 151.101.14.49 54113 (FASTLY)
1 18.195.155.181 16509 (AMAZON-02)
1 1 124.146.215.48 2514 (INFOSPHER...)
1 1 193.0.160.129 54312 (ROCKETFUEL)
4 4 185.184.8.30 204995 (RTB-HOUSE...)
1 184.30.24.22 16625 (AKAMAI-AS)
4 216.52.2.39 30282 (AS-INAPCD...)
2 4 34.253.109.165 16509 (AMAZON-02)
4 9 69.173.144.139 26667 (RUBICONPR...)
2 185.64.189.115 62713 (AS-PUBMATIC)
1 1 69.173.144.138 26667 (RUBICONPR...)
2 34.200.78.134 14618 (AMAZON-AES)
2 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
8 2a00:1450:400... 15169 (GOOGLE)
2 2 213.155.156.184 1299 (TELIANET ...)
8 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
5 5 54.171.41.106 16509 (AMAZON-02)
1 1 185.86.137.131 201081 (SMARTADSE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
11 185.64.189.110 62713 (AS-PUBMATIC)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
2 185.64.189.114 62713 (AS-PUBMATIC)
2 2 3.121.49.210 16509 (AMAZON-02)
1 1 2001:678:cb4:... 56396 (TURN)
1 1 178.62.202.251 14061 (DIGITALOC...)
2 2 66.155.71.25 13768 (COGECO-PEER1)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 159.253.128.183 36351 (SOFTLAYER)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 188.165.4.142 16276 (OVH)
1 173.231.180.197 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 51.210.112.236 16276 (OVH)
1 1 52.48.137.92 16509 (AMAZON-02)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 35.244.255.22 15169 (GOOGLE)
1 52.29.225.117 16509 (AMAZON-02)
1 52.49.20.76 16509 (AMAZON-02)
1 18.198.69.109 16509 (AMAZON-02)
266 88
Apex Domain
Subdomains
Transfer
34 doubleclick.net
securepubads.g.doubleclick.net
survey.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
655 KB
32 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
81 KB
23 googlesyndication.com
a896125dab8f29e86e288da46edd18c4.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
5061f0b7eeb00b407e24883bf29dd77b.safeframe.googlesyndication.com
522 KB
22 townnews.com
bloximages.chicago2.vip.townnews.com
422 KB
19 gumgum.com
rtb.gumgum.com
6 KB
18 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
76 KB
15 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
43 KB
12 rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
17 KB
8 adsrvr.org
match.adsrvr.org
4 KB
8 google-analytics.com
www.google-analytics.com
77 KB
8 poststar.com
www.openhouses.poststar.com
www.poststar.com
poststar.com
33 KB
7 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
4 KB
7 google.com
ampcid.google.com
adservice.google.com
analytics.google.com
www.google.com
2 KB
7 cookielaw.org
cdn.cookielaw.org
108 KB
6 lijit.com
ap.lijit.com
ce.lijit.com
6 KB
6 openx.net
u.openx.net
us-u.openx.net
eu-u.openx.net
2 KB
6 tynt.com
cdn.tynt.com
sc.tynt.com
ic.tynt.com
de.tynt.com
8 KB
6 crwdcntrl.net
tags.crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
15 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 bidswitch.net
x.bidswitch.net
2 KB
5 33across.com
cdn-sic.33across.com
sic.33across.com
ssc.33across.com
134 KB
5 googletagmanager.com
www.googletagmanager.com
259 KB
4 creativecdn.com
creativecdn.com
ams.creativecdn.com
1 KB
4 everesttech.net
sync-tm.everesttech.net
942 B
4 mathtag.com
sync.mathtag.com
2 KB
4 adform.net
c1.adform.net
2 KB
4 1rx.io
sync.1rx.io
3 KB
4 matheranalytics.com
js.matheranalytics.com
www.i.matheranalytics.com
47 KB
4 cloudfront.net
d81mfvml8p5ml.cloudfront.net
dn1i8v75r669j.cloudfront.net
dkpklk99llpj0.cloudfront.net
22 KB
4 googletagservices.com
www.googletagservices.com
136 KB
4 google.ch
adservice.google.ch
2 KB
4 google.de
adservice.google.de
ampcid.google.de
www.google.de
1 KB
3 zeotap.com
mwzeom.zeotap.com
spl.zeotap.com
1 KB
3 contextweb.com
bh.contextweb.com
2 KB
3 outbrain.com
sync.outbrain.com
981 B
3 quantserve.com
pixel.quantserve.com
1 KB
3 facebook.com
www.facebook.com
444 B
3 scorecardresearch.com
b.scorecardresearch.com
sb.scorecardresearch.com
2 KB
2 onaudience.com
pixel.onaudience.com
885 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 sitescout.com
pixel-sync.sitescout.com
947 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 fiftyt.com
visitor.fiftyt.com
992 B
2 semasio.net
uipglob.semasio.net
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 rlcdn.com
id.rlcdn.com
idsync.rlcdn.com
436 B
2 3lift.com
eb2.3lift.com
743 B
2 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
831 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 freshrelevance.com
am.freshrelevance.com
5 KB
2 leetemplates.com
a.leetemplates.com
491 B
2 facebook.net
connect.facebook.net
94 KB
2 onetrust.com
geolocation.onetrust.com
746 B
2 gstatic.com
www.gstatic.com
13 KB
1 exelator.com
loadm.exelator.com
324 B
1 ml314.com
ml314.com
422 B
1 agkn.com
aa.agkn.com
415 B
1 skimresources.com
x.skimresources.com
1 adgrx.com
cm.adgrx.com
408 B
1 erne.co
green.erne.co
327 B
1 playground.xyz
ads.playground.xyz
488 B
1 simpli.fi
um.simpli.fi
609 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 turn.com
ad.turn.com
518 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 criteo.com
dis.criteo.com
325 B
1 media.net
contextual.media.net
371 B
1 rfihub.com
p.rfihub.com
747 B
1 socdm.com
tg.socdm.com
835 B
1 emxdgt.com
cs.emxdgt.com
1 zemanta.com
b1sync.zemanta.com
281 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 stackadapt.com
sync.srv.stackadapt.com
610 B
1 clientgear.com
event.clientgear.com
263 B
1 googleapis.com
storage.googleapis.com
27 KB
1 cloudflare.com
cdnjs.cloudflare.com
4 KB
1 classifiedconcepts.com
www.classifiedconcepts.com
2 KB
266 80
Domain Requested by
22 bloximages.chicago2.vip.townnews.com www.poststar.com
bloximages.chicago2.vip.townnews.com
19 rtb.gumgum.com 2 redirects aax-eu.amazon-adsystem.com
rtb.gumgum.com
ads.pubmatic.com
17 securepubads.g.doubleclick.net 1 redirects www.poststar.com
securepubads.g.doubleclick.net
www.googletagservices.com
cdn-sic.33across.com
13 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
u.openx.net
rtb.gumgum.com
ap.lijit.com
ads.pubmatic.com
13 tpc.googlesyndication.com 2 redirects securepubads.g.doubleclick.net
www.poststar.com
tpc.googlesyndication.com
11 simage2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
11 cm.g.doubleclick.net 7 redirects u.openx.net
rtb.gumgum.com
aax-eu.amazon-adsystem.com
11 ib.adnxs.com 5 redirects acdn.adnxs.com
8 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
8 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.poststar.com
8 match.adsrvr.org 7 redirects u.openx.net
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.poststar.com
7 cdn.cookielaw.org www.poststar.com
cdn.cookielaw.org
6 ads.pubmatic.com aax-eu.amazon-adsystem.com
ads.pubmatic.com
rtb.gumgum.com
5 match.prod.bidr.io 5 redirects
5 token.rubiconproject.com 4 redirects aax-eu.amazon-adsystem.com
5 x.bidswitch.net 5 redirects
5 c.amazon-adsystem.com www.poststar.com
c.amazon-adsystem.com
cdn-sic.33across.com
5 www.googletagmanager.com www.poststar.com
www.googletagmanager.com
4 pixel.rubiconproject.com aax-eu.amazon-adsystem.com
4 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
bcp.crwdcntrl.net
4 ce.lijit.com ap.lijit.com
4 sync-tm.everesttech.net 4 redirects
4 sync.mathtag.com 4 redirects
4 c1.adform.net 3 redirects image6.pubmatic.com
4 sync.1rx.io 4 redirects
4 www.googletagservices.com securepubads.g.doubleclick.net
4 adservice.google.com securepubads.g.doubleclick.net
4 adservice.google.ch securepubads.g.doubleclick.net
4 www.poststar.com www.poststar.com
3 bh.contextweb.com 3 redirects
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 sync.outbrain.com 2 redirects rtb.gumgum.com
3 secure.adnxs.com 3 redirects
3 us-u.openx.net 1 redirects u.openx.net
3 pixel.quantserve.com 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 www.facebook.com connect.facebook.net
www.poststar.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 survey.g.doubleclick.net www.poststar.com
survey.g.doubleclick.net
3 poststar.com www.poststar.com
2 simage4.pubmatic.com ads.pubmatic.com
2 pixel.onaudience.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 ssc.33across.com cdn-sic.33across.com
2 image6.pubmatic.com ads.pubmatic.com
2 ams.creativecdn.com 2 redirects
2 creativecdn.com 2 redirects
2 eb2.3lift.com 2 redirects
2 ap.lijit.com 1 redirects aax-eu.amazon-adsystem.com
2 u.openx.net 1 redirects aax-eu.amazon-adsystem.com
2 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
2 sync.targeting.unrulymedia.com 1 redirects rtb.gumgum.com
2 de.tynt.com cdn.tynt.com
2 am.freshrelevance.com dkpklk99llpj0.cloudfront.net
2 dkpklk99llpj0.cloudfront.net d81mfvml8p5ml.cloudfront.net
2 cdn-sic.33across.com cdn.tynt.com
cdn-sic.33across.com
2 www.i.matheranalytics.com www.poststar.com
2 www.google.de www.poststar.com
2 sb.scorecardresearch.com 1 redirects www.poststar.com
2 a.leetemplates.com storage.googleapis.com
2 js.matheranalytics.com 1 redirects www.poststar.com
2 connect.facebook.net www.poststar.com
connect.facebook.net
2 cdn.tynt.com 1 redirects www.poststar.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 www.gstatic.com www.poststar.com
1 loadm.exelator.com bcp.crwdcntrl.net
1 ml314.com bcp.crwdcntrl.net
1 aa.agkn.com bcp.crwdcntrl.net
1 x.skimresources.com bcp.crwdcntrl.net
1 idsync.rlcdn.com bcp.crwdcntrl.net
1 spl.zeotap.com 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 s.tribalfusion.com image6.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com image6.pubmatic.com
1 green.erne.co 1 redirects
1 ads.playground.xyz 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 dis.criteo.com image6.pubmatic.com
1 5061f0b7eeb00b407e24883bf29dd77b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ads.yahoo.com aax-eu.amazon-adsystem.com
1 id.rlcdn.com aax-eu.amazon-adsystem.com
1 pixel-eu.rubiconproject.com 1 redirects
1 contextual.media.net ap.lijit.com
1 p.rfihub.com 1 redirects
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com rtb.gumgum.com
1 b1sync.zemanta.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 event.clientgear.com 1 redirects
1 eu-u.openx.net u.openx.net
1 sic.33across.com cdn-sic.33across.com
1 acdn.adnxs.com cdn-sic.33across.com
1 ssbsync.smartadserver.com 1 redirects
1 www.google.com www.poststar.com
1 ic.tynt.com www.poststar.com
1 sc.tynt.com cdn.tynt.com
1 analytics.google.com www.googletagmanager.com
1 dn1i8v75r669j.cloudfront.net d81mfvml8p5ml.cloudfront.net
1 b.scorecardresearch.com www.poststar.com
1 d81mfvml8p5ml.cloudfront.net www.googletagmanager.com
1 storage.googleapis.com www.googletagmanager.com
1 cdnjs.cloudflare.com bloximages.chicago2.vip.townnews.com
1 a896125dab8f29e86e288da46edd18c4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.classifiedconcepts.com www.poststar.com
1 ampcid.google.de www.google-analytics.com
1 adservice.google.de survey.g.doubleclick.net
1 ampcid.google.com www.google-analytics.com
1 tags.crwdcntrl.net www.poststar.com
1 www.openhouses.poststar.com 1 redirects
266 126
Subject Issuer Validity Valid
bloximages.chicago2.vip.townnews.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2021-03-09 -
2022-04-09
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2019-06-13 -
2021-06-28
2 years crt.sh
poststar.com
R3
2021-03-12 -
2021-06-10
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-03-11 -
2021-06-03
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2020-07-01 -
2021-07-01
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2021-03-11 -
2021-06-03
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-03-11 -
2021-06-03
3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2021-02-12 -
2022-02-11
a year crt.sh
*.google.com
GTS CA 1O1
2021-03-11 -
2021-06-03
3 months crt.sh
*.google.de
GTS CA 1O1
2021-03-11 -
2021-06-03
3 months crt.sh
c.amazon-adsystem.com
Amazon
2020-08-04 -
2021-08-02
a year crt.sh
*.google.ch
GTS CA 1O1
2021-03-11 -
2021-06-03
3 months crt.sh
*.googleusercontent.com
GTS CA 1O1
2021-03-11 -
2021-06-03
3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2019-10-01 -
2021-09-30
2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-21 -
2021-10-20
a year crt.sh
*.storage.googleapis.com
GTS CA 1O1
2021-03-11 -
2021-06-03
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-02-10 -
2021-05-10
3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon
2020-06-15 -
2021-06-15
a year crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1
2020-07-17 -
2021-06-02
a year crt.sh
www.google.de
GTS CA 1O1
2021-03-11 -
2021-06-03
3 months crt.sh
www.google.com
GTS CA 1O1
2021-03-11 -
2021-06-03
3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA
2019-10-01 -
2021-09-30
2 years crt.sh
*.gumgum.com
Amazon
2020-07-03 -
2021-08-03
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2021-03-30 -
2022-04-04
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-05 -
2022-01-18
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2020-03-11 -
2021-05-10
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2021-03-11 -
2022-02-07
a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1
2019-03-07 -
2021-04-19
2 years crt.sh
*.freshrelevance.com
Amazon
2020-06-27 -
2021-07-27
a year crt.sh
*.outbrain.com
Thawte RSA CA 2018
2019-10-29 -
2021-11-23
2 years crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA
2020-07-28 -
2021-10-01
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2020-04-09 -
2022-06-08
2 years crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA
2020-05-04 -
2022-05-09
2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2020-05-18 -
2021-07-17
a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA
2020-02-25 -
2021-05-26
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-03-29 -
2021-05-05
a month crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-01-30 -
2021-04-28
3 months crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020
2021-03-09 -
2022-04-10
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2020-10-30 -
2021-04-27
6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2019-06-19 -
2021-08-31
2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA
2019-09-18 -
2021-12-12
2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2019-09-16 -
2021-09-20
2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-24 -
2022-03-26
a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA
2020-09-10 -
2021-10-12
a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018
2020-07-25 -
2022-09-18
2 years crt.sh
*.ml314.com
Amazon
2021-01-17 -
2022-02-14
a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2
2019-05-17 -
2021-06-25
2 years crt.sh

This page contains 46 frames:

Primary Page: http://www.poststar.com/app/marketplace/homes/open_houses/
Frame ID: 4CA1BEC77EC74685290A79DCF71CC4A3
Requests: 114 HTTP requests in this frame

Frame: http://www.classifiedconcepts.com/CCDL3/AppOH/Default.aspx?cid=GFPNY
Frame ID: 3DC1C8873648757CDA5C06A88C926BFB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbmueUWWyA2X8MKZ8MpasSjOUMKUuG0DbPCbOfgyllEyTaooGf_HRfWz8T_arpj3I2IzcJiXfpIhMBIub67VFNlNH4W2iiLVPPP6pCCMmltYbKooHylBwaa4mA2f1SHkGsJ1ljMjDRX_K_Q4J_T-VBjLGHvGjo8bmB9sEqqXCPIflUwVCszhmfWddgKEfNBewQzPNhq0UArj8lg8GP63LhkF--EKJ4UGtQ88_k8Z3ZFQqWKz0gXZ8ZNAqEtV4hwzSWbSRx4p0ZHXB3jSbbWS4DiUlxcjlTEtmK6p2LxvCJIp2LatDsg_m9lDjBkx6KDocD&sai=AMfl-YR3fAxbOn3I9AOzwlSTAC8syz5nkB9FL9ANuIxH06sf0rnv0bDImxd12asIDUQnQhqGADi98htJd8IWvEA8LxEkJa1iDmhEL4VNfoebxezF9m5DxXT4uqP60aAR9U4&sig=Cg0ArKJSzML0J7mSZdVWEAE&urlfix=1&adurl=
Frame ID: C8D24EF2329CCAF25DBE54415474095D
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthhs_2qDG2ANZ9UQR1hpvY2X_28IWoKJKejnYvgQAPgDnvUreLC8-AkfGqOkGTKpcO7ujHpFg8-m6BtAxddAhnL_zGyVOjaIYlbHBvACm5Y4rjl6-mNP1MsKfe54iLMHMbsVVc_reO7kh2YNAJIzPH1deE3GksQ8na0LcqJqbD-d1AwdeQ2WVecQFbiTLf4xoLEwdnbALjpc2Y7ltXTQkYKKjAQDbBDnVbue_PTgOCr2sy8z8-nnyFSsRfBPyMPptrfErOtfOWS7GzU-Qdr4NuqT6T9Jjed5gCCgpgQT9dJyi1tXUV5N8O&sai=AMfl-YRX66PpPdg2WTWDnmObqD1Ved-yWa_DZ8OSNaUTUf5-5PI88wOW2XQEvzJTca_XZc-qytGeSUWRJbn8Avv2TNm57_npKQyrpwbT9JZ-RyRSsXZ51Bf0pzzYV-9OPuE&sig=Cg0ArKJSzAc-TgNI__rxEAE&urlfix=1&adurl=
Frame ID: CA629BAAC0DA956828A2BD5F0E597678
Requests: 3 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Frame ID: BABC99FC18E04EBD630858A044C2BC39
Requests: 1 HTTP requests in this frame

Frame: http://am.freshrelevance.com/tpc/
Frame ID: E586D0E660B474CD8A69E768279FFE4D
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 25166C21EC910A11196472CED0B9DF99
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9g2IkXY2msyyoobxQDFx_LFfrwMtey9JYbRk_x6-w7bQ0tnByq-b4NAYP_Ak11MeZyj51Eez6mDdryfPZHUdEOHsdenV_ppyYKArSwMMNPy1f28yl_GJAQHJTr_Dbx6qeOW0EQ61p_4jJIeE7-uofspydEACA8IZvxMNbNvRI6mpbfgYht33OkYzbWU0i0Quc_MUDIsuV-pyPrWZhcv3yG_fUF7m9eJ2ah8IQC31Qu79XAjnleJBvu22T41fCyir_-4NAwos2NtBNxri6Epv7AH3lI0GW1cnNzae486rXiJlVJw&sig=Cg0ArKJSzPZ_HyIMpoDsEAE&adurl=
Frame ID: 78A900A93C9F080985749AE3C2DC7D83
Requests: 8 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 35CB8A01C50801FBADA0CB069FE3D73F
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 2AEF1E6FD1EDA291B309C0F47C82995D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: DBBB8253C985559A0D61DBF24725CF59
Requests: 12 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-5LB7IGF1l2NuAEUwlzdaJTuJS37QqKc-&
Frame ID: 84ABC878AD5E6DDB8824117C70CC0001
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: EB56B9E6B8181264BC54A8BBD3C2FB3D
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=108873596649824390&ex=districtm
Frame ID: DB1D8E009F831AD784A988FFCC40DC81
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4727255393733069352
Frame ID: C6528C1CA64DA41627F2E38ADCBEE588
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=8302113262692078232&ex=appnexus.com
Frame ID: 56AF004B91F67B41C36C7A87DD4EDCAF
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 94AF4341694E5BFEBBA1A7F1AA31C218
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=12031610581631977591
Frame ID: C8644F7AD45C6B70714B3624D14E60FD
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: 45DE5BB07BE2464491DB853FDE88679C
Requests: 7 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 3014AD8022586E8D249C59B68DB6AC54
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A999556B0907C9CBC8A22D50EA87419F
Requests: 23 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=85596064-6a76-4300-89d6-8d9fa9d29021&gdpr=&gdpr_consent=
Frame ID: 9F2F5D4B8073C154AC344A510412B942
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YGRqdgAAAGgtaToG&gdpr=&gdpr_consent=&_test=YGRqdgAAAGgtaToG
Frame ID: 45D4ED477ED2D8805B482FE252E20C15
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83ZjY0OGFkZC1iZWEwLTRhYzMtOTE0ZC02ZjZhYjVjNjc1YTk=&gdpr=&gdpr_consent=
Frame ID: 60262A8EEA60CD4B3C68AA60BA36F7AA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 10AA9880D7DE705FAD833238D12F5221
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=08ecce6a-86b7-43c9-98a7-eb020357e223&t=1619785590
Frame ID: BEE37CA8C8A37B06221A9DCCE2A7EAFA
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 3EB53EF196BE7BB8551A5A6C3DE081E9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YGRqeMCo8XcAAHpX6NQAAAAA
Frame ID: 1F90DCF41A3F7C732B33D6F05FA62A8F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871878968814641318
Frame ID: DE64A3A7C40196EC09B057DF72F04412
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=99EYpyI0tSEqWc1j5Ew4&pi=gumgum&tc=1
Frame ID: 73D8E28B34AAE5DA5C942848E36C8F2A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 100EF6AE1301E2131CCD1B9CA7D1FD66
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 56BC66A0771C3C6FBB20D43A916BDAF1
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: FD87805CB4B948D3CB36BF2856BE2B7D
Requests: 2 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6230805304824807909
Frame ID: DE8AFFB3C212B2B90257ED5559D71422
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: D9FC1FDD8FCF9607FCCFF08408C4F9E4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC4sU7AyNUAACfqTOupZg
Frame ID: B0E315D605BA7AF1C941A57517E43562
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6945793597534369939
Frame ID: A778649D19185013E9809E0F69126E4D
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=922F6019-CFB5-42B7-B6F9-4C3869EA172E&ex=pubmatic.com
Frame ID: 50B3DF6A0EB15A3F8289B500E5CCB3F2
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=922F6019-CFB5-42B7-B6F9-4C3869EA172E
Frame ID: 92966042169DF15CB987DCF5D0C2ABFA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=1qUcCCHUZ5VAPg6eIaXGWkDK
Frame ID: D277C3DB8767148A01D07F1589932823
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 43F9A412D7FAF35D331BF59458339E53
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: EAA0DCD5AFEA31D298659D26A902F75F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=iakbZ1vZDAKY&pid=557219
Frame ID: CD333F34DA216652E3348DFAFF58FC4A
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=pbm&i=922F6019-CFB5-42B7-B6F9-4C3869EA172E
Frame ID: 1E9EECC6169A0019A5BC2415BCF02523
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=6894/rand=698716296/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20poststar%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20app/med=%23OpR%2372333%23Keyword%20%3A%20open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property/rb=%7B%22meta_tag%22%3A%22open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property%22%7D/rt=ifr
Frame ID: E53F1C4CF67B0DA243E506E44A1695B0
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: DC28C8A7E3A992B6433E8B51B8FA3BE8
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.openhouses.poststar.com/ HTTP 301
    http://www.poststar.com/app/marketplace/homes/open_houses/ Page URL

Page Statistics

266
Requests

93 %
HTTPS

31 %
IPv6

80
Domains

126
Subdomains

88
IPs

10
Countries

2812 kB
Transfer

6487 kB
Size

60
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.openhouses.poststar.com/ HTTP 301
    http://www.poststar.com/app/marketplace/homes/open_houses/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
Request Chain 54
  • http://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Request Chain 55
  • http://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2 HTTP 307
  • https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Request Chain 70
  • http://cdn.tynt.com/rciv.js HTTP 301
  • https://cdn.tynt.com/rciv.js
Request Chain 76
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDXx8_YfxABGAEyCPmkpliif3TY HTTP 301
  • https://tpc.googlesyndication.com/simgad/3510635855426768146
Request Chain 77
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDXx4-_4AEQARgBMgimWnz7PJc8hg HTTP 301
  • https://tpc.googlesyndication.com/simgad/15561662653971569072
Request Chain 78
  • http://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c
Request Chain 80
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 84
  • http://js.matheranalytics.com/s/ma1527/725149320/lee/ml.js?cb=1560 HTTP 301
  • http://js.matheranalytics.com/static/ltm/ma1527/lee/3/ml.gz.js
Request Chain 90
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Request Chain 99
  • https://sb.scorecardresearch.com/b?c1=2&c2=10345586&ns__t=1617193590169&ns_c=UTF-8&cv=3.5&c8=Real%20Estate%20Open%20Houses%20Glens%20Falls%2C%20Saratoga%2C%20Adirondacks%20%3A%3A%20PostStar.com&c7=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1617193590169&ns_c=UTF-8&cv=3.5&c8=Real%20Estate%20Open%20Houses%20Glens%20Falls%2C%20Saratoga%2C%20Adirondacks%20%3A%3A%20PostStar.com&c7=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&c9=&cs_ak_ss=1
Request Chain 122
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4977858355 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4977858355 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/08ecce6a-86b7-43c9-98a7-eb020357e223 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-085e59db-593e-44d2-8320-545435dd19c9-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-085e59db-593e-44d2-8320-545435dd19c9-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-085e59db-593e-44d2-8320-545435dd19c9-003
Request Chain 126
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-5LB7IGF1l2NuAEUwlzdaJTuJS37QqKc-&
Request Chain 127
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 128
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=108873596649824390&ex=districtm
Request Chain 129
  • https://ssbsync.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4727255393733069352
Request Chain 130
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=8302113262692078232&ex=appnexus.com
Request Chain 131
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 132
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=12031610581631977591
Request Chain 142
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=C7PLRQviykcQ4ZlEDrbQSVnlmBQQtZtBX-ZJLBjm
Request Chain 143
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6084857982209174542
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKPUs3nUlC696HMzYrWDOYI&google_cver=1
Request Chain 150
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=8302113262692078232
Request Chain 151
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=ebd18937-0baa-4edb-bdfb-6a058c5c304f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk3d818633-c41b-4027-8813-0f896438a8db&expires=7&user_group=5&ssp=gumgum2&bsw_param=ebd18937-0baa-4edb-bdfb-6a058c5c304f HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=ebd18937-0baa-4edb-bdfb-6a058c5c304f
Request Chain 152
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Zwm3LceiH5EQrirlaoBaax7h4GjLWqBYjIEYXqASmPq3vF7ElV4vyHH-fJnA3jiN%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Zwm3LceiH5EQrirlaoBaax7h4GjLWqBYjIEYXqASmPq3vF7ElV4vyHH-fJnA3jiN%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9&obuid=ENC(Zwm3LceiH5EQrirlaoBaax7h4GjLWqBYjIEYXqASmPq3vF7ElV4vyHH-fJnA3jiN) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 153
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=a8f29ee6-82e9-0fb4-24d5-bd22d4e5e1d0
Request Chain 154
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-cd6d9307-2796-4904-534d-f69539957c84$ip$185.156.175.107
Request Chain 155
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-MPLFctxE2pdD8q8bHMSLbCi.5jFeobEvD1tp~A
Request Chain 156
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=52e76d5f-921c-11eb-bff9-b9567abcfdd5
Request Chain 159
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=
Request Chain 160
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5072976874 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/08ecce6a-86b7-43c9-98a7-eb020357e223 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-085e59db-593e-44d2-8320-545435dd19c9-003
Request Chain 161
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=iakbZ1vZDAKY&ev=1&pid=558355
Request Chain 163
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=85596064-6a76-4300-89d6-8d9fa9d29021&gdpr=&gdpr_consent=
Request Chain 164
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YGRqdgAAAGgtaToG HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YGRqdgAAAGgtaToG&gdpr=&gdpr_consent=&_test=YGRqdgAAAGgtaToG
Request Chain 167
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=08ecce6a-86b7-43c9-98a7-eb020357e223&t=1619785590
Request Chain 169
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YGRqeMCo8XcAAHpX6NQAAAAA
Request Chain 170
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1871878968814641318
Request Chain 171
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=99EYpyI0tSEqWc1j5Ew4&pi=gumgum&tc=1
Request Chain 175
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=8302113262692078232&gdpr=0&gdpr_consent=
Request Chain 176
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ams.creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=99EYpyI0tSEqWc1j5Ew4&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Request Chain 177
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=e7e84a57a9c0f08dda39c58c/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=e7e84a57a9c0f08dda39c58c/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=b7c336b6956950f94192a944cf16fbd7&gdpr=0&gdpr_consent=
Request Chain 178
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=iwgmxotZJ8SQWnTHjg09ytledZeQDnbC310IzWh4
Request Chain 182
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&us_privacy=1YNN HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KMXFB4ZN-B-ET4L&ex=d-rubiconproject.com&status=ok&us_privacy=1YNN
Request Chain 190
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YNN HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/NyGUeemPD64EjCFDT1bWdA?csrc=&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5387666777562533276
Request Chain 191
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1YNN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01YRkI0Wk4tQi1FVDRM&us_privacy=1YNN
Request Chain 192
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1YNN HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMXFB4ZN-B-ET4L&sigv=1&esig=2~a72e35d4543b21ddccca62fba5f3ce64fc03f255&us_privacy=1YNN
Request Chain 193
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=85596064-6a76-4300-89d6-8d9fa9d29021
Request Chain 194
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YGRqdgAAAGgtaToG&us_privacy=1YNN
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIEslfPK5bSsF7C5RjOgfIw&google_cver=1
Request Chain 196
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YNN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGI0NjRhYmQwM2VlOTgzM2VkNDViMmE5MDQ5MDE5NjBiYTg4YzI1MQ&us_privacy=1YNN
Request Chain 210
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6230805304824807909
Request Chain 212
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDNHNVN0F5TlVBQUNmcVRPdXBaZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC4sU7AyNUAACfqTOupZg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC4sU7AyNUAACfqTOupZg&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC4sU7AyNUAACfqTOupZg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4727255393733069352 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC4sU7AyNUAACfqTOupZg
Request Chain 213
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6945793597534369939
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ki9gGc-1Qre2-Uw4aeoXLg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 217
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=922F6019-CFB5-42B7-B6F9-4C3869EA172E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=922F6019-CFB5-42B7-B6F9-4C3869EA172E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 218
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=922F6019-CFB5-42B7-B6F9-4C3869EA172E&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=922F6019-CFB5-42B7-B6F9-4C3869EA172E&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=922F6019-CFB5-42B7-B6F9-4C3869EA172E&addseg=31
Request Chain 219
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=08ecce6a-86b7-43c9-98a7-eb020357e223
Request Chain 220
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6084857982209174542
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEADnTo2SWrhJ8NeN_NromsY&google_cver=1
Request Chain 222
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:85596064-6a76-4300-89d6-8d9fa9d29021&gdpr=0&gdpr_consent=
Request Chain 223
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8302113262692078232&gdpr=0&gdpr_consent=
Request Chain 225
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=922F6019-CFB5-42B7-B6F9-4C3869EA172E&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Y8qGp5xE2uVEpuHoLvMd5xhDyzeTXPw-~A&gdpr=0&gdpr_consent=
Request Chain 226
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=ebd18937-0baa-4edb-bdfb-6a058c5c304f HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=ebd18937-0baa-4edb-bdfb-6a058c5c304f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=b9e6b050-c2de-4fba-be1e-d4e6c631efda&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ebd18937-0baa-4edb-bdfb-6a058c5c304f&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 227
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3532233991374577907&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 228
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hM93qoSedqifnSWrgcpsptaZJPufySeu0Jo2iwRn
Request Chain 229
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YGRqdgAAAGgtaToG&gdpr=0&gdpr_consent=
Request Chain 230
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:21bcf63a-d5ea-4e5b-9473-baa8290ba49a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 231
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=0e39abfa-45d9-439a-83e7-0ee23208d7ed-60646a7a-4348&gdpr=0&gdpr_consent=
Request Chain 234
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8302113262692078232
Request Chain 237
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=1qUcCCHUZ5VAPg6eIaXGWkDK
Request Chain 239
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 240
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=iakbZ1vZDAKY&pid=557219
Request Chain 242
  • https://pixel.onaudience.com/?partner=214&mapped=922F6019-CFB5-42B7-B6F9-4C3869EA172E HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b7c336b6956950f94192a944cf16fbd7 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=b1ffbb581582e690 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=900dacf9-3f71-443f-5e64-4894f1cf27fd&reqId=233f3153-e669-4a8d-74ea-1ee425df25ab&zcluid=b1ffbb581582e690&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGw5sn_BP1MwUqb0NbCQEqI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=900dacf9-3f71-443f-5e64-4894f1cf27fd&reqId=233f3153-e669-4a8d-74ea-1ee425df25ab&zcluid=b1ffbb581582e690&zdid=1332
Request Chain 243
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=85596064-6a76-4300-89d6-8d9fa9d29021
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTIyRjYwMTktQ0ZCNS00MkI3LUI2RjktNEMzODY5RUExNzJF&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 245
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9
Request Chain 253
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=08ecce6a-86b7-43c9-98a7-eb020357e223

266 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.poststar.com/app/marketplace/homes/open_houses/
Redirect Chain
  • https://www.openhouses.poststar.com/
  • http://www.poststar.com/app/marketplace/homes/open_houses/
100 KB
22 KB
Document
General
Full URL
http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
HTTP/1.1
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
4509d0b710d7f4b653d9c39a254a1388d4d299423430c7af0c5de79f11907d79

Request headers

Host
www.poststar.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:23 GMT
content-type
text/html; charset=UTF-8
x-loop
1
cache-control
max-age=60
expires
Wed, 31 Mar 2021 12:27:23 GMT
content-encoding
gzip
vary
Accept-Encoding
age
5
set-cookie
TNNoMobile=1; path=/; expires=Thu, 2 Aug 2031 20:47:11 UTC
x-vcache
HIT
accept-ranges
bytes
content-length
22615

Redirect headers

date
Wed, 31 Mar 2021 12:26:28 GMT
location
http://www.poststar.com/app/marketplace/homes/open_houses/
cache-control
public, max-age=86400
content-length
0
bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/
107 KB
16 KB
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
188439
last-modified
Fri, 23 Oct 2020 13:08:03 GMT
cf-request-id
0929d8efbb00002325e9b54000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f92d5b3-1ab8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
638990f929e82325-ZRH
expires
Fri, 05 Nov 2021 16:33:28 GMT
layout.78b0163131a0eb95aef899d56f817c34.css
bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/
130 KB
22 KB
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.78b0163131a0eb95aef899d56f817c34.css
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae782b53efa1b7d46d0e4563053479064f75accccc10bf1df20955a79b5686fb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
62458
last-modified
Wed, 24 Mar 2021 18:04:05 GMT
cf-request-id
0929d8efbb00002325b3863000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"605b7f15-209cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
638990f929e92325-ZRH
expires
Wed, 30 Mar 2022 19:01:14 GMT
lee.ds.css
bloximages.chicago2.vip.townnews.com/poststar.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/
63 KB
11 KB
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1616742139
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6bc5ccc0d04e6ccfbecd2bd5775b3604995e5196b4e08c179d0885e7e94925
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
239201
last-modified
Fri, 26 Mar 2021 07:02:19 GMT
cf-request-id
0929d8efbb00002325de05b000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"605d86fb-fc8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
638990f929eb2325-ZRH
expires
Sat, 26 Mar 2022 07:07:31 GMT
flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/
6 KB
2 KB
Stylesheet
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
62458
last-modified
Mon, 16 Nov 2020 16:06:26 GMT
cf-request-id
0929d8efbf0000232509948000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5fb2a382-189c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
638990f929ec2325-ZRH
expires
Sat, 20 Nov 2021 08:51:02 GMT
cc.js
tags.crwdcntrl.net/c/6894/
38 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/c/6894/cc.js?ns=_cc6894
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-22.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 31 Mar 2021 06:17:52 GMT
content-encoding
gzip
last-modified
Tue, 15 Dec 2020 16:50:47 GMT
server
AmazonS3
age
22117
etag
W/"8cd042d9f203fe2e01747c7444f95498"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
ZWAqd4Z-CJ3sqkZO9ozzHH-wnabjhBeRXlSkWMXw73HCVoxj6H44Ow==
jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js
bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/
98 KB
33 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0785141e6461918363176bb595c118997a66d51af8338db5999308cd593cfebd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
188439
last-modified
Wed, 09 Sep 2020 19:56:59 GMT
cf-request-id
0929d8efc100002325ca8c7000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f59338b-18813"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
638990f929f32325-ZRH
expires
Fri, 05 Nov 2021 07:14:49 GMT
user.js
poststar.com/shared-content/art/tncms/user/
6 KB
2 KB
Script
General
Full URL
https://poststar.com/shared-content/art/tncms/user/user.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
0230e8c67f568c29bfa2d9756f6e9f79ca6a375d99cbeb54bf09c35fb9e525c4

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:24:23 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 20:52:35 GMT
age
125
etag
W/"60395f93-1891"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
2304
service-worker-allowed
/
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/
39 KB
10 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
188439
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
cf-request-id
0929d8efbc00002325e0a90000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5d726a23-9bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
638990f929f02325-ZRH
expires
Thu, 04 Nov 2021 05:32:48 GMT
common.5ee3960b4d37bc106988fa535b393865.js
bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
35 KB
13 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.5ee3960b4d37bc106988fa535b393865.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e6c02cecdf5cb7b5db7cbf455c81c05828f2f801dd585ffdfa9d4cc90e9be1a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
188439
last-modified
Fri, 23 Oct 2020 13:08:36 GMT
cf-request-id
0929d8efbe00002325a888a000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f92d5d4-8a06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
638990f929f82325-ZRH
expires
Wed, 03 Nov 2021 07:51:29 GMT
tnt.1477faac295a3745e4796d2263e75f11.js
bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
7 KB
3 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.1477faac295a3745e4796d2263e75f11.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
560357e94ad4e3f3e2199cdecaaf8d339f35d97ec03de8b875eef2bbd80b43fb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
33855
last-modified
Wed, 24 Feb 2021 19:05:23 GMT
cf-request-id
0929d8efc9000023259d84e000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"6036a373-1bf3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
638990f94a2e2325-ZRH
expires
Fri, 25 Feb 2022 06:11:17 GMT
application.93d1db0a57d520951552a1dcd8fd9aeb.js
bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
4 KB
1 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.93d1db0a57d520951552a1dcd8fd9aeb.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7c4e85fab99165f7d8a912f21ae8d691b6a96049780d96e174e6394e09384ca
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
62458
last-modified
Mon, 16 Nov 2020 16:04:38 GMT
cf-request-id
0929d8efbc00002325d30ac000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5fb2a316-f5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
638990f929f42325-ZRH
expires
Sat, 20 Nov 2021 08:51:02 GMT
tnt.navigation.accessibility.3184e9304073379bbe4e2c6500858bb1.js
bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
2 KB
915 B
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.3184e9304073379bbe4e2c6500858bb1.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a0eaf21fe4084cc7105e771f57731abe41a4d647a4879dea141885fcc3096b2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
62458
last-modified
Fri, 29 Jan 2021 17:55:48 GMT
cf-request-id
0929d8efc900002325e0a92000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"60144c24-925"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
638990f94a302325-ZRH
expires
Wed, 02 Feb 2022 20:01:13 GMT
user-controls.578df3df79d812af55ab13bae47f9857.js
bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/
517 B
462 B
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f402b2d75ac54e1c369d34b97efcedb68aa084b039ab91b85ad70ea53ebb5a3a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
62459
last-modified
Fri, 23 Oct 2020 13:08:16 GMT
cf-request-id
0929d8f11400002325de08c000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f92d5c0-205"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
638990fb5fb32325-ZRH
expires
Thu, 04 Nov 2021 04:45:06 GMT
tnt.notify.6e1ca8839e8a715fdecb1c734223823a.js
bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
3 KB
1 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.6e1ca8839e8a715fdecb1c734223823a.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bb4ce8dea8b26080f3627d5b398b131b8f59a280ec18f07e959b9c7583e061a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
62459
last-modified
Fri, 23 Oct 2020 13:08:13 GMT
cf-request-id
0929d8f11400002325a2a7e000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f92d5bd-de1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
638990fb5fb52325-ZRH
expires
Fri, 05 Nov 2021 09:06:46 GMT
tnt.notify.panel.1c7debce90f6bd1a3d679d0176d3712a.js
bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/
6 KB
2 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.panel.1c7debce90f6bd1a3d679d0176d3712a.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c4c258f6e24e9861dd7cc3ae5d823e0c09a243f9e671cabbfed9b2be2825085
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
62459
last-modified
Fri, 23 Oct 2020 13:08:15 GMT
cf-request-id
0929d8f11400002325dd228000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f92d5bf-19fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
638990fb5fb82325-ZRH
expires
Wed, 03 Nov 2021 08:53:41 GMT
firebase-app.js
www.gstatic.com/firebasejs/6.6.2/
11 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Mar 2021 11:15:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Sep 2019 21:11:52 GMT
server
sffe
age
349864
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3945
x-xss-protection
0
expires
Sun, 27 Mar 2022 11:15:25 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/6.6.2/
31 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 12:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Sep 2019 21:11:54 GMT
server
sffe
age
518956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8653
x-xss-protection
0
expires
Fri, 25 Mar 2022 12:17:13 GMT
messaging.js
poststar.com/shared-content/art/tncms/api/
4 KB
1 KB
Script
General
Full URL
https://poststar.com/shared-content/art/tncms/api/messaging.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:25:51 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 20:52:35 GMT
age
37
etag
W/"60395f93-11aa"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
1259
service-worker-allowed
/
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/
198 B
596 B
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8416f8febc369c76d3fc82e78d0c49c84bf1dd1904b73cee557fccdbbb5b9005
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
62246
last-modified
Thu, 05 Nov 2020 18:41:10 GMT
cf-request-id
0929d8efca00002325a19e5000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5fa44746-c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
638990f94a332325-ZRH
expires
Sat, 06 Nov 2021 06:59:21 GMT
tracking.js
poststar.com/shared-content/art/tncms/
3 KB
1 KB
Script
General
Full URL
https://poststar.com/shared-content/art/tncms/tracking.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
f95fe1c0376aa720a01267e70fb42a259d610fa9fa66f78e7fc629f9bd835c43

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:23:09 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 20:52:35 GMT
age
199
etag
W/"60395f93-a4c"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
1150
service-worker-allowed
/
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
17 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e409af4e2cd960258ebce74a7af470632e2fa44a18cbc2e49da7f098a3c572c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 31 Mar 2021 12:26:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
JAEaYPmlzGBPWdORjSAaYw==
age
4948
vary
Accept-Encoding
content-length
5617
cf-request-id
0929d8ef840000175625312000000001
x-ms-lease-status
unlocked
last-modified
Mon, 29 Mar 2021 02:12:23 GMT
server
cloudflare
etag
0x8D8F2581726E85D
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0468e94c-d01e-00ba-3d48-2438ef000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
638990f8dd671756-FRA
otCCPAiab.js
cdn.cookielaw.org/opt-out/
22 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YyyuJSQqC/IlFtjhtrYhpg==
age
4948
vary
Accept-Encoding
cf-request-id
0929d8f1090000175637af8000000001
x-ms-lease-status
unlocked
last-modified
Wed, 03 Mar 2021 08:12:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
43f20523-e01e-007e-7e06-104729000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
638990fb484d1756-FRA
fontawesome.edd147e4c2830f416874012247117438.js
bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/
252 KB
88 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.edd147e4c2830f416874012247117438.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffa8814637fab7a454e06a6403a650615c04044d4f881b04ffdfcdc1395d98da
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
62459
last-modified
Fri, 23 Oct 2020 13:08:53 GMT
cf-request-id
0929d8f117000023259d87b000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
W/"5f92d5e5-3f1a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
638990fb5fc72325-ZRH
expires
Fri, 05 Nov 2021 04:56:49 GMT
tracker.js
www.poststar.com/shared-content/art/stats/common/
9 KB
4 KB
Script
General
Full URL
http://www.poststar.com/shared-content/art/stats/common/tracker.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
HTTP/1.1
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
94afb4609cd5d95128057b67ee0ef36f867bacc074b6e116d874ed8b0852b73f

Request headers

Referer
http://www.poststar.com/app/marketplace/homes/open_houses/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:25 GMT
content-encoding
gzip
last-modified
Thu, 03 Dec 2020 17:41:07 GMT
age
3
etag
W/"5fc92333-2242"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
3240
service-worker-allowed
/
poststar.com.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/
11 KB
11 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/poststar.com.png?_dc=Mar.Wed.2021
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8f6e4939961ce44c91c4fa7a1d0f77b69b9d8084859e9d054ec770da6778cdb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Wed, 25 Sep 2019 23:12:37 GMT
content-length
11119
cf-request-id
0929d8f11700002325bc825000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5d8bf465-2b6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
638990fb5fcd2325-ZRH
expires
Thu, 31 Mar 2022 04:00:19 GMT
1ff8c90a-16a8-11ea-b3fc-1f149ad20647.png
bloximages.chicago2.vip.townnews.com/poststar.com/content/tncms/custom/image/
2 KB
2 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/content/tncms/custom/image/1ff8c90a-16a8-11ea-b3fc-1f149ad20647.png
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e97762133761453261a9e8bba0896406160f8b2068ca3b5d16ca8af4d2f2231d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
cf-cache-status
HIT
age
62459
last-modified
Wed, 04 Dec 2019 15:09:53 GMT
strict-transport-security
max-age=604800
content-length
1596
cf-request-id
0929d8f11800002325c6ad8000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5de7cc41-63c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
638990fb5fd02325-ZRH
expires
Sat, 20 Nov 2021 08:38:34 GMT
1656c924-16a8-11ea-b3fc-bf233d3b9255.png
bloximages.chicago2.vip.townnews.com/poststar.com/content/tncms/custom/image/
3 KB
3 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/content/tncms/custom/image/1656c924-16a8-11ea-b3fc-bf233d3b9255.png
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
965f803d8ad03055488898d24956009dc1a5ebbd1f75ff811e3a28df095e68d5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
cf-cache-status
HIT
age
32466
last-modified
Wed, 04 Dec 2019 15:09:37 GMT
strict-transport-security
max-age=604800
content-length
3427
cf-request-id
0929d8f11800002325c136a000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5de7cc31-d63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
638990fb5fd22325-ZRH
expires
Fri, 05 Nov 2021 05:16:47 GMT
psjobs.css
www.poststar.com/app/sections/marketplace/psjobs/css/
1002 B
791 B
Stylesheet
General
Full URL
http://www.poststar.com/app/sections/marketplace/psjobs/css/psjobs.css
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
HTTP/1.1
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
3a5e8dc4517fdeb8237ce0b121a68f0352ef1684d1f012c616d776931afecc22

Request headers

Referer
http://www.poststar.com/app/marketplace/homes/open_houses/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:25 GMT
content-encoding
gzip
last-modified
Fri, 10 Jul 2009 20:21:49 GMT
age
3
etag
W/"4a57a2dd-3ea"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
420
4b07f30a-16a8-11ea-b3fc-1331c55491eb.png
bloximages.chicago2.vip.townnews.com/poststar.com/content/tncms/custom/image/
3 KB
3 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/content/tncms/custom/image/4b07f30a-16a8-11ea-b3fc-1331c55491eb.png
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
965f803d8ad03055488898d24956009dc1a5ebbd1f75ff811e3a28df095e68d5
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
cf-cache-status
HIT
age
62247
last-modified
Wed, 04 Dec 2019 15:11:05 GMT
strict-transport-security
max-age=604800
content-length
3427
cf-request-id
0929d8f11800002325e0ab3000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5de7cc89-d63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
638990fb5fd42325-ZRH
expires
Sat, 06 Nov 2021 06:22:33 GMT
dfp.lazy.min.js
bloximages.chicago2.vip.townnews.com/poststar.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/
5 KB
2 KB
Script
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/dfp.lazy.min.js?_dc=1614153762
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c79456b94ef17205d2e7ce09158c3c97e909feb47209e69b0590d7951759849c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
62247
last-modified
Wed, 24 Feb 2021 08:02:42 GMT
cf-request-id
0929d8f10c00002325e9377000000001
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
W/"60360822-1292"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
638990fb4f902325-ZRH
expires
Thu, 24 Feb 2022 08:07:46 GMT
gtm.js
www.googletagmanager.com/
154 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
52c215255228b3ab165f8c432e76b4d356aaa06b671f2f2a990482b44102bb4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51757
x-xss-protection
0
last-modified
Wed, 31 Mar 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Mar 2021 12:26:29 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
Redirect Chain
  • http://securepubads.g.doubleclick.net/tag/js/gpt.js
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
58 KB
20 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
d09bf7038c6fbe117545fa9d1c36537b53fcafa5a211f8cb85b7e5a81b39d0fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"828 / 588 of 1000 / last-modified: 1617189203"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19717
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:26:29 GMT

Redirect headers

Date
Wed, 31 Mar 2021 12:05:14 GMT
X-Content-Type-Options
nosniff
Server
sffe
Age
1275
Content-Type
text/html; charset=UTF-8
Location
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control
public, max-age=1800
Content-Length
249
X-XSS-Protection
0
Expires
Wed, 31 Mar 2021 12:35:14 GMT
apstag.js
c.amazon-adsystem.com/aax2/
119 KB
31 KB
Script
General
Full URL
http://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
HTTP/1.1
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 30 Mar 2021 22:11:28 GMT
Content-Encoding
gzip
Age
51301
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Timing-Allow-Origin
*
Server
Server
ETag
9e0e0829d91a39f75ba9ebfdbaf1f5a9
x-amz-version-id
GYObFiYQFsAPpwZjonnhqGiTvSP1inUf
Via
1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
nufkfs73q64cp4U2jzvpPVVhwgUFzGR4XTySoOOGC3XvHTt8zIF8sQ==
a303f913-d666-4435-bfbf-394537974d99.json
cdn.cookielaw.org/consent/a303f913-d666-4435-bfbf-394537974d99/
3 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/a303f913-d666-4435-bfbf-394537974d99/a303f913-d666-4435-bfbf-394537974d99.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f007b640ae762dcc0427f0799a7e2d681b3904354ce5c72ec789bd3998b07016
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
8ADqkLNIoBDPA7CSS3XJlQ==
age
7073
vary
Accept-Encoding
content-length
1156
cf-request-id
0929d8f10300001f11ee1eb000000001
x-ms-lease-status
unlocked
last-modified
Thu, 24 Sep 2020 14:25:37 GMT
server
cloudflare
etag
0x8D86095B4BC51D8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
72950cb4-f01e-0147-37bf-b441d8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
638990fb3b8d1f11-FRA
tracker.gif
www.poststar.com/shared-content/art/stats/common/
0
319 B
Image
General
Full URL
http://www.poststar.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_upage=1&tnms_do=www.poststar.com&tnms_uri=/app/marketplace/homes/open_houses/&tnms_ref=&rt=1617193589005
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
HTTP/1.1
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.poststar.com/app/marketplace/homes/open_houses/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
age
0
etag
"48f79fed-0"
x-vcache
MISS
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
0
survey
survey.g.doubleclick.net/
8 KB
4 KB
Script
General
Full URL
https://survey.g.doubleclick.net/survey?site=_byw3fkusvd5ofnyyejbdut7oze&url=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&cid=everything&random=1617193589008
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
4f1affc8310c17ca43db22c764e0d9ff6fea319383900a6f66522e29974e97f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, no-cache, must-revalidate, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
vary
*
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
164 B
521 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
638990fb8c814ed9-FRA
cf-request-id
0929d8f13800004ed9220e0000000001
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/
162 B
225 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
638990fb8c824ed9-FRA
cf-request-id
0929d8f13900004ed930b0d000000001
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
682
date
Wed, 31 Mar 2021 12:15:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Wed, 31 Mar 2021 14:15:07 GMT
gtm.js
www.googletagmanager.com/
88 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
379d1d87028bd1acb01dfd7fdc80414ae86e940697a0f69af0c631853d46e0b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33019
x-xss-protection
0
last-modified
Wed, 31 Mar 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Mar 2021 12:26:29 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.6.0/
338 KB
72 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Xs4BplpA7QV+zkRYpo3+wA==
age
3730698
vary
Accept-Encoding
content-length
73082
cf-request-id
0929d8f15a00001756310e6000000001
x-ms-lease-status
unlocked
last-modified
Thu, 10 Sep 2020 01:36:33 GMT
server
cloudflare
etag
0x8D85529F2EBAD26
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
75e8843e-f01e-00e2-2e3a-043c94000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
638990fbc8ad1756-FRA
expires
Thu, 08 Apr 2021 12:26:29 GMT
ec.js
www.google-analytics.com/plugins/ua/
3 KB
2 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
549
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Wed, 31 Mar 2021 13:17:20 GMT
publisher:getClientId
ampcid.google.com/v1/
74 B
536 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
http://www.poststar.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
prompt_embed_static.js
survey.g.doubleclick.net/insights/consumersurveys/static/434094026565202256/
391 KB
391 KB
Script
General
Full URL
https://survey.g.doubleclick.net/insights/consumersurveys/static/434094026565202256/prompt_embed_static.js
Requested by
Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_byw3fkusvd5ofnyyejbdut7oze&url=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&cid=everything&random=1617193589008
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
55a377384671921bafe7c234c76ad5c0f9967182cccde8f82255a2f386be78f7

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 30 Mar 2021 20:13:27 GMT
last-modified
Tue, 30 Mar 2021 17:28:55 GMT
server
Google Frontend
age
58382
content-type
application/javascript
x-cloud-trace-context
9c8fd2db9217ee459545afff0a04024b
cache-control
public, max-age=2592000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
400144
integrator.sync.js
adservice.google.de/adsid/
111 B
321 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=www.poststar.com
Requested by
Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_byw3fkusvd5ofnyyejbdut7oze&url=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&cid=everything&random=1617193589008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da46bc766028c67f94e34c39ecf0c36513fd5ffffe1e126ce09908ebcd671eb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding,Origin
Age
4
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Sat, 06 Mar 2021 01:32:40 GMT
Server
AmazonS3
ETag
W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
x-amz-version-id
Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
Via
1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
DUS51-C1
Content-Type
application/javascript
X-Amz-Cf-Id
3h8XFv_wbDn9cKTwNtmAZO8hJLKA-snPOY3h4PLHLxp2Z2bv1mjXUQ==
en.json
cdn.cookielaw.org/consent/a303f913-d666-4435-bfbf-394537974d99/75787057-4552-493b-aa72-b303111d8f91/
14 KB
5 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/a303f913-d666-4435-bfbf-394537974d99/75787057-4552-493b-aa72-b303111d8f91/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a70fb6fbf76e1ed79a829d054838b6a035f0b01cd9c9ab043e10e1155fde2dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
94ewjW+osqu5IDIIGb5RKQ==
age
7072
vary
Accept-Encoding
content-length
4840
cf-request-id
0929d8f18f00001f1169193000000001
x-ms-lease-status
unlocked
last-modified
Thu, 24 Sep 2020 14:24:42 GMT
server
cloudflare
etag
0x8D860959408037F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4603f66e-601e-0046-6671-b20670000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
638990fc1cb31f11-FRA
publisher:getClientId
ampcid.google.de/v1/
3 B
465 B
XHR
General
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
http://www.poststar.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
pubads_impl_2021032202.js
securepubads.g.doubleclick.net/gpt/
286 KB
100 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Requested by
Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
783355ba48d24f37c27cafa383cef88a462f95b7fc65d4fdaf57a0bcca7f371c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Mar 2021 18:01:52 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102487
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:26:29 GMT
otFloatingFlat.json
cdn.cookielaw.org/scripttemplates/6.6.0/assets/
9 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otFloatingFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3991138664f8a2717cd6fd5d4394c3cdeff54b01e001b9c128d67511e8a1900b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
qiq5l7qzEHE2l1Y9A93NLw==
age
4
vary
Accept-Encoding
content-length
2654
cf-request-id
0929d8f1d900001f11e79a3000000001
x-ms-lease-status
unlocked
last-modified
Thu, 10 Sep 2020 01:36:25 GMT
server
cloudflare
etag
0x8D85529EE52897D
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
65a5cdf4-401e-017c-0529-260386000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
638990fc8d581f11-FRA
expires
Thu, 08 Apr 2021 12:26:29 GMT
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.6.0/assets/
61 KB
15 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
C9ZZX5WmmuvxVnmOg+8oDA==
age
4
vary
Accept-Encoding
content-length
14901
cf-request-id
0929d8f1d900001f11d8a6f000000001
x-ms-lease-status
unlocked
last-modified
Thu, 10 Sep 2020 01:36:25 GMT
server
cloudflare
etag
0x8D85529EE46C785
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a3089528-d01e-00ba-0629-2638ef000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
638990fc8d5a1f11-FRA
expires
Thu, 08 Apr 2021 12:26:29 GMT
prompt
survey.g.doubleclick.net/gk/
0
281 B
Script
General
Full URL
https://survey.g.doubleclick.net/gk/prompt?site=_byw3fkusvd5ofnyyejbdut7oze&t=1&url=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&cid=everything&random=1617193589097&ref=&token=
Requested by
Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_byw3fkusvd5ofnyyejbdut7oze&url=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&cid=everything&random=1617193589008
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-why
UserPrivacyInfo does not meet requirements to be served (LAT and/or OPT_OUT modifier).
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 31 Mar 2021 12:26:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
collect
stats.g.doubleclick.net/j/
1 B
85 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-54716522-7&cid=194228186.1617193589&jid=85540809&gjid=468347309&_gid=600286437.1617193589&_u=aGBAgUALAAQCAE~&z=2135105474
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 31 Mar 2021 12:26:29 GMT
content-type
text/plain
access-control-allow-origin
http://www.poststar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
190 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&aip=1&a=1214380224&t=pageview&_s=1&dl=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&ul=en-us&de=UTF-8&dt=Real%20Estate%20Open%20Houses%20Glens%20Falls%2C%20Saratoga%2C%20Adirondacks%20%3A%3A%20PostStar.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUALAAQC~&jid=85540809&gjid=468347309&cid=194228186.1617193589&tid=UA-54716522-7&_gid=600286437.1617193589&gtm=2wg3h0PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=&cd16=No&cd17=Page%20View&cm1=162&z=1844479401
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Mar 2021 21:58:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52067
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
128 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b7d28c5ab059f7caafae403f7f142daa54ecb150793657b912348046ae66745b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50254
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:26:29 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
gtm.js
www.googletagmanager.com/
Redirect Chain
  • http://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
  • https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
345 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ab9e5d421e07bea11148e6a418c248ada64a3b6de0794f5138c3549639c31d60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79669
x-xss-protection
0
last-modified
Wed, 31 Mar 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Mar 2021 12:26:29 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Non-Authoritative-Reason
HSTS
Default.aspx
www.classifiedconcepts.com/CCDL3/AppOH/ Frame 3DC1
2 KB
2 KB
Document
General
Full URL
http://www.classifiedconcepts.com/CCDL3/AppOH/Default.aspx?cid=GFPNY
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
HTTP/1.1
Server
66.155.59.43 Los Angeles, United States, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3e5a1ff76c0dbf1d3095189ac9548a524542b45aed9d2c101155286da07ff595

Request headers

Host
www.classifiedconcepts.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.poststar.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.poststar.com/

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Wed, 31 Mar 2021 12:26:28 GMT
Content-Length
1935
truncated
/
73 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
serif-ds.woff2
bloximages.chicago2.vip.townnews.com/poststar.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/images/
26 KB
26 KB
Font
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/images/serif-ds.woff2
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/poststar.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1616742139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Origin
http://www.poststar.com
Referer
https://bloximages.chicago2.vip.townnews.com/poststar.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1616742139
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Fri, 26 Mar 2021 07:02:19 GMT
content-length
26164
cf-request-id
0929d8f2b2000023afaa3b5000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"605d86fb-6634"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
638990fdeb6b23af-ZRH
expires
Thu, 31 Mar 2022 12:26:26 GMT
bid
c.amazon-adsystem.com/e/dtb/
158 B
529 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3266&u=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&pid=kh3hhZgeLMljx&cb=0&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F8438%2Fpoststar.com%2Fnews%22%7D%5D&pj=%7B%22sections%22%3A%22news%22%7D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
006013c9aa1a1e59af8101222585272cf6d3385cc4e241aa28455bf2fa97db3b

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
http://www.poststar.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
152
via
1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
x-amz-cf-id
D6ejWcZpbmhnE90n30F_E5Sy0dQ4pHT6fwuYGvuDXlhFBUgq3UUjKg==
integrator.js
adservice.google.ch/adsid/
107 B
799 B
Script
General
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.poststar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
553 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.poststar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
21 KB
6 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2744083097514323&correlator=321822969785267&output=ldjh&impl=fifs&eid=31060550%2C31060297%2C31060367%2C44739387&vrg=2021032202&ptt=17&us_privacy=1YNN&sc=0&sfv=1-0-38&ecs=20210331&iu_parts=8438%2Cpoststar.com%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x1&prev_scp=pos%3Dfixed-impact-top%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D2%26lee_hours%3D12%26lee_day%3D3&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26k%3Dopen%2520houses%252C%2520real%2520estate%252C%2520showings%252C%2520homes%2520for%2520sale%252C%2520upstate%2520new%2520york%2520homes%252C%2520warren%2520county%2520open%2520houses%252C%2520farms%252C%2520vacation%2520homes%252C%2520rental%2520property%26sub%3Dno%26page%3Dindex%252Capp-editorial%252Cmd_screen%26browser%3DChrome&cookie_enabled=1&bc=23&abxe=1&lmt=1617193589&dt=1617193589658&dlt=1617193588601&idt=703&frm=20&biw=1600&bih=1200&oid=3&adxs=799&adys=0&adks=198390371&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&vis=1&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=194228186.1617193589&ga_sid=1617193590&ga_hid=1214380224&ga_fc=false&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
414548cf117637b2591a53f74059f66829f55dce7c1b1ddd2dc29099e48723a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6416
x-xss-protection
0
google-lineitem-id
5640234411
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138342906900
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.poststar.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a896125dab8f29e86e288da46edd18c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/
0
0
Other
General
Full URL
https://a896125dab8f29e86e288da46edd18c4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/
5 KB
3 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2744083097514323&correlator=1243027231594773&output=ldjh&impl=fifs&eid=31060550%2C31060297%2C31060367%2C44739387&vrg=2021032202&ptt=17&us_privacy=1YNN&sc=0&sfv=1-0-38&ecs=20210331&iu_parts=8438%2Cpoststar.com%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&prev_scp=pos%3Dfixed-impact-bottom%2Cbtf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D3%26lee_hours%3D12%26lee_day%3D3&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26k%3Dopen%2520houses%252C%2520real%2520estate%252C%2520showings%252C%2520homes%2520for%2520sale%252C%2520upstate%2520new%2520york%2520homes%252C%2520warren%2520county%2520open%2520houses%252C%2520farms%252C%2520vacation%2520homes%252C%2520rental%2520property%26sub%3Dno%26page%3Dindex%252Capp-editorial%252Cmd_screen%26browser%3DChrome&cookie_enabled=1&bc=23&abxe=1&lmt=1617193589&dt=1617193589665&dlt=1617193588601&idt=703&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=1&adks=867577994&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&vis=1&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=194228186.1617193589&ga_sid=1617193590&ga_hid=1214380224&ga_fc=false&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b31c085418d26c65e2230c4b6856c1a15f5ec0f6a09cfd85f98cddfa50420030
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2784
x-xss-protection
0
google-lineitem-id
751596797
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
89240352317
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.poststar.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
441 B
269 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2744083097514323&correlator=3646257909525948&output=ldjh&impl=fifs&eid=31060550%2C31060297%2C31060367%2C44739387&vrg=2021032202&ptt=17&us_privacy=1YNN&sc=0&sfv=1-0-38&ecs=20210331&iu_parts=8438%2Cpoststar.com%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=5x1&prev_scp=pos%3Dmembers-impact%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D2%26lee_hours%3D12%26lee_day%3D3&eri=1&cust_params=k%3Dopen%2520houses%252C%2520real%2520estate%252C%2520showings%252C%2520homes%2520for%2520sale%252C%2520upstate%2520new%2520york%2520homes%252C%2520warren%2520county%2520open%2520houses%252C%2520farms%252C%2520vacation%2520homes%252C%2520rental%2520property%26sub%3Dno%26page%3Dindex%252Capp-editorial%252Cmd_screen%26browser%3DChrome&cookie_enabled=1&bc=23&abxe=1&lmt=1617193589&dt=1617193589670&dlt=1617193588601&idt=703&frm=20&biw=1600&bih=1200&oid=3&adxs=798&adys=2306&adks=591209252&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&vis=1&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=194228186.1617193589&ga_sid=1617193590&ga_hid=1214380224&ga_fc=false&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
c91c2dc5a6de1fa512b4bbd5783ea899fcd33b2f25bdf1d40a0528a51788d697
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
227
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.poststar.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
6063f2b01b69c.preview-620.jpg
bloximages.chicago2.vip.townnews.com/poststar.com/content/tncms/assets/v3/eedition/8/c6/8c6bd631-1a74-5ea7-9d49-93abc3822ccf/
170 KB
170 KB
Image
General
Full URL
https://bloximages.chicago2.vip.townnews.com/poststar.com/content/tncms/assets/v3/eedition/8/c6/8c6bd631-1a74-5ea7-9d49-93abc3822ccf/6063f2b01b69c.preview-620.jpg?resize=620%2C1240
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4386eff36cb49fb14e9148d1d72718ad3028731b44051e703cf284a83f017082
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Wed, 31 Mar 2021 03:55:28 GMT
cf-bgj
h2pri
cf-request-id
0929d8f3f500002325b7971000000001
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"6132bee57f12cbdad311e6f6a4ce9746"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
638990ffda2f2325-ZRH
expires
Thu, 31 Mar 2022 04:01:20 GMT
collect
www.google-analytics.com/g/
0
122 B
Other
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NFTGWT90ER&gtm=2oe3h0&_p=1214380224&sr=1600x1200&ul=en-us&cid=194228186.1617193589&_s=1&dl=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&dt=Real%20Estate%20Open%20Houses%20Glens%20Falls%2C%20Saratoga%2C%20Adirondacks%20%3A%3A%20PostStar.com&sid=1617193589&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.application=editorial&ep.theme=flex&ep.skin_name=flex-editorial&ep.subscription_required=No&epn.blox_render_time=162&up.logged_in=No
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.poststar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C8D2
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbmueUWWyA2X8MKZ8MpasSjOUMKUuG0DbPCbOfgyllEyTaooGf_HRfWz8T_arpj3I2IzcJiXfpIhMBIub67VFNlNH4W2iiLVPPP6pCCMmltYbKooHylBwaa4mA2f1SHkGsJ1ljMjDRX_K_Q4J_T-VBjLGHvGjo8bmB9sEqqXCPIflUwVCszhmfWddgKEfNBewQzPNhq0UArj8lg8GP63LhkF--EKJ4UGtQ88_k8Z3ZFQqWKz0gXZ8ZNAqEtV4hwzSWbSRx4p0ZHXB3jSbbWS4DiUlxcjlTEtmK6p2LxvCJIp2LatDsg_m9lDjBkx6KDocD&sai=AMfl-YR3fAxbOn3I9AOzwlSTAC8syz5nkB9FL9ANuIxH06sf0rnv0bDImxd12asIDUQnQhqGADi98htJd8IWvEA8LxEkJa1iDmhEL4VNfoebxezF9m5DxXT4uqP60aAR9U4&sig=Cg0ArKJSzML0J7mSZdVWEAE&urlfix=1&adurl=
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 31 Mar 2021 12:26:29 GMT
rciv.js
cdn.tynt.com/ Frame C8D2
Redirect Chain
  • http://cdn.tynt.com/rciv.js
  • https://cdn.tynt.com/rciv.js
15 KB
6 KB
Script
General
Full URL
https://cdn.tynt.com/rciv.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3b9ecf3258afd899081e6cf645e09ae51a031aeac11a0d0f59ea3b5ff8595b

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Aug 2020 18:27:52 GMT
server
cloudflare
age
221377
etag
W/"5f401228-3dbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
638991017d9123df-ZRH
cf-request-id
0929d8f4e9000023dfe107d000000001
expires
Sat, 03 Apr 2021 12:26:30 GMT

Redirect headers

Date
Wed, 31 Mar 2021 12:26:29 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://cdn.tynt.com/rciv.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
638991004bb52355-ZRH
cf-request-id
0929d8f42b0000235562a15000000001
Expires
Wed, 31 Mar 2021 13:26:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C8D2
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617017751739567"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36599
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:26:29 GMT
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617017733465819"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28245
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:26:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CA62
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthhs_2qDG2ANZ9UQR1hpvY2X_28IWoKJKejnYvgQAPgDnvUreLC8-AkfGqOkGTKpcO7ujHpFg8-m6BtAxddAhnL_zGyVOjaIYlbHBvACm5Y4rjl6-mNP1MsKfe54iLMHMbsVVc_reO7kh2YNAJIzPH1deE3GksQ8na0LcqJqbD-d1AwdeQ2WVecQFbiTLf4xoLEwdnbALjpc2Y7ltXTQkYKKjAQDbBDnVbue_PTgOCr2sy8z8-nnyFSsRfBPyMPptrfErOtfOWS7GzU-Qdr4NuqT6T9Jjed5gCCgpgQT9dJyi1tXUV5N8O&sai=AMfl-YRX66PpPdg2WTWDnmObqD1Ved-yWa_DZ8OSNaUTUf5-5PI88wOW2XQEvzJTca_XZc-qytGeSUWRJbn8Avv2TNm57_npKQyrpwbT9JZ-RyRSsXZ51Bf0pzzYV-9OPuE&sig=Cg0ArKJSzAc-TgNI__rxEAE&urlfix=1&adurl=
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 31 Mar 2021 12:26:29 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/
52 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.6edb5af3e93b0a377ec925c5f1c6ddde.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1671990
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3279
cf-request-id
0929d8f43500004a8b65a6b000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-ce35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x64w1OdR8A7eh12cDyfT4HIiD6FxErfWHaGXQ0Qpas2HadKROawqslNNyGt%2BV%2FiFgH3NBBMqnw2siCGEQU2RDCNRpefu2TrYrl654TvRNHBXA4R%2Fc%2FSfuIfcQoi2v9w26w%3D%3D"}],"group":"cf-nel"}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
638991005cc74a8b-FRA
expires
Mon, 21 Mar 2022 12:26:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CA62
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617017751739567"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36599
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:26:29 GMT
3510635855426768146
tpc.googlesyndication.com/simgad/
Redirect Chain
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDXx8_YfxABGAEyCPmkpliif3TY
  • https://tpc.googlesyndication.com/simgad/3510635855426768146
189 KB
189 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3510635855426768146
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3ea86e999affe12f16c132bf61905bcf959a0dfe0cdfdf09d1d2931a778f7b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:30 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Mar 2021 18:41:47 GMT
server
sffe
x-dns-prefetch-control
off
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193190
x-xss-protection
0
expires
Thu, 31 Mar 2022 12:26:30 GMT

Redirect headers

timing-allow-origin
*
date
Tue, 30 Mar 2021 22:56:15 GMT
x-content-type-options
nosniff
server
cafe
age
48614
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3510635855426768146
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 29 Apr 2021 22:56:15 GMT
15561662653971569072
tpc.googlesyndication.com/simgad/
Redirect Chain
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKDXx4-_4AEQARgBMgimWnz7PJc8hg
  • https://tpc.googlesyndication.com/simgad/15561662653971569072
110 KB
111 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15561662653971569072
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84e28d98d00ac01cadd6d849a4e2bd093379a36618ca5978e211cf99fbdb62f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Mar 2021 18:41:52 GMT
server
sffe
x-dns-prefetch-control
off
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113025
x-xss-protection
0
expires
Thu, 31 Mar 2022 12:26:29 GMT

Redirect headers

timing-allow-origin
*
date
Tue, 30 Mar 2021 22:56:15 GMT
x-content-type-options
nosniff
server
cafe
age
48614
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/15561662653971569072
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 29 Apr 2021 22:56:15 GMT
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c
128 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5ebd9209860acdfd433d38c87b6d910faef22391237f009b9be42a6d5121fc29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50290
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:26:29 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
938 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 11:50:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2177
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:50:12 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
924
date
Wed, 31 Mar 2021 12:11:05 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Wed, 31 Mar 2021 14:11:05 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
sp-gzip-2-17-3.js
storage.googleapis.com/lee-snowplow/static/
77 KB
27 KB
Script
General
Full URL
https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:06:17 GMT
content-encoding
gzip
age
1212
x-guploader-uploadid
ABg5-UwrDjPn__9xQciByh5DNb_3yKMwZOOc98fZeYlnY0dwlqeydmx-Ve9ibLhUb76Sr7F764LYqVoTF8J30T5Ag-iOC3Tb4Q
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26950
x-goog-meta-
last-modified
Thu, 18 Feb 2021 15:16:40 GMT
server
UploadServer
etag
"d3142accd3f370a95f561f0fbfb3114b"
vary
Accept-Encoding
x-goog-hash
crc32c=C/nZJQ==, md5=0xQqzNPzcKlfVh8Pv7MRSw==
x-goog-generation
1613661400000346
cache-control
max-age=31536000
x-goog-stored-content-length
26950
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 31 Mar 2022 12:06:17 GMT
fbevents.js
connect.facebook.net/en_US/
91 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
5Bgp7SBoIdaS6Oq+Mi2HE17SnSgDiqz7IgkhsX6mbuiq4mM0YX8qQXVFBzzwrNvvF450G4In9HWmS5SGJzdW0Q==
x-fb-trip-id
2052514463
x-frame-options
DENY
date
Wed, 31 Mar 2021 12:26:29 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
i99g3gee.js
d81mfvml8p5ml.cloudfront.net/
13 KB
5 KB
Script
General
Full URL
http://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
HTTP/1.1
Server
2600:9000:20eb:3a00:2:36a1:2f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c9a2d086d47148ae23b40fb16fa13a5bd578e40aa7ee5acabd1ad9d3c958ecf

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:19:08 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 23 Mar 2021 14:15:29 GMT
Server
AmazonS3
Age
442
ETag
W/"d5439e10177501ec79fe34fba97cb263"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=utf-8
Via
1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
Cache-Control
max-age=600
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
mq2EfOMsRrggcnkPOL5Lb7KS-G0QwKqDP6ylkY8tY3_ZCsTauj9AZw==
ml.gz.js
js.matheranalytics.com/static/ltm/ma1527/lee/3/
Redirect Chain
  • http://js.matheranalytics.com/s/ma1527/725149320/lee/ml.js?cb=1560
  • http://js.matheranalytics.com/static/ltm/ma1527/lee/3/ml.gz.js
139 KB
46 KB
Script
General
Full URL
http://js.matheranalytics.com/static/ltm/ma1527/lee/3/ml.gz.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
HTTP/1.1
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
2c77519cfdb3f918d4e3b9f39bd2f296779e6269476bfe2be98d3eaa6cc8b183

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 30 Mar 2021 17:17:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Feb 2021 02:56:54 GMT
Server
nginx
Age
68966
ETag
"d92b401da704dc742a22a7b45f93259a"
Vary
Accept-Encoding
x-cache
HIT Fri, 12 Feb 2021 03:09:53 GMT
Content-Type
application/x-javascript
Via
1.1 google
Cache-Control
public,max-age=3600
Content-Length
46961

Redirect headers

Date
Wed, 31 Mar 2021 12:26:29 GMT
Via
1.1 google
Server
nginx
Vary
Accept-Encoding
Location
http://js.matheranalytics.com/static/ltm/ma1527/lee/3/ml.gz.js
Cache-Control
public, max-age=269200
Transfer-Encoding
chunked
X-Served-By
0-gc-euw1-10920
beacon.js
b.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
http://b.scorecardresearch.com/beacon.js
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
HTTP/1.1
Server
2.16.186.51 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:29 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Thu, 01 Apr 2021 12:26:29 GMT
integrator.js
adservice.google.ch/adsid/
107 B
777 B
Script
General
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.poststar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.poststar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
13 KB
6 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2744083097514323&correlator=2545774443798319&output=ldjh&impl=fifs&eid=31060550%2C31060297%2C31060367%2C44739387&vrg=2021032202&ptt=17&us_privacy=1YNN&sc=0&sfv=1-0-38&ecs=20210331&iu_parts=8438%2Cpoststar.com%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&prev_scp=pos%3Dfixed-leaderboard-top%2Catf%2C50%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D9%26lee_hours%3D12%26lee_day%3D3%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=k%3Dopen%2520houses%252C%2520real%2520estate%252C%2520showings%252C%2520homes%2520for%2520sale%252C%2520upstate%2520new%2520york%2520homes%252C%2520warren%2520county%2520open%2520houses%252C%2520farms%252C%2520vacation%2520homes%252C%2520rental%2520property%26sub%3Dno%26page%3Dindex%252Capp-editorial%252Cmd_screen%26browser%3DChrome&cookie=ID%3D3e3b17b966668bbc-22f5d528eeba002c%3AT%3D1617193589%3AS%3DALNI_MZq5SJ9GZV6h17cj-s5T4erTUwJ8w&bc=23&abxe=1&lmt=1617193589&dt=1617193589921&dlt=1617193588601&idt=703&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=203&adks=831975835&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&vis=1&scr_x=0&scr_y=0&psz=1584x90&msz=1584x90&psts=AGkb-H93ZylKcG8FrxvGbO432nN4axDQTm0FUoMqfZ9_rIyfiQ8U7Mmer-qO0EHKKoxFnzmdLOcFp0-fhgQ%2CAGkb-H_M2aUkwNgCZoXrCW1knC2QwG5TO86CLnEII5ZuLMfB_SO6jfl_ZUn_b7Exx_gXgepFQ1fSmz1FEeIT045lZVw3%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=194228186.1617193589&ga_sid=1617193590&ga_hid=1214380224&ga_fc=false&ga_cid=600286437.1617193589&fws=4&ohw=1600
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
d0d32fe5b30e866839decf84b118342f4be10b6c25ca1858f6aba25037b0734c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6107
x-xss-protection
0
google-lineitem-id
5631383016
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138341558897
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.poststar.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame C8D2
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c9f462b9ddb54a7a6e44095009d3c0868cf1c131adfa4c5b2fa5a04b20820da

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame BABC
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
280 B
956 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: http://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
54ab33bf7927f92752e316b76a8976c658f90cb87860bcc209846562f2e133fa

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://www.poststar.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2WVdU4BX0vDkokIBxWrRx0|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.poststar.com/

Response headers

Server
Server
Date
Wed, 31 Mar 2021 12:26:30 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
219
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A2WVdU4BX0vDkokIBxWrRx0; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 12:26:30 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Apr-2026 12:26:30 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Wed, 31 Mar 2021 12:26:30 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Set-Cookie
ad-id=A2WVdU4BX0vDkokIBxWrRx0|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 12:26:30 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
view
securepubads.g.doubleclick.net/pcs/ Frame CA62
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpg-VqT7ZpS8Y5nSl2eF1gnpscGSHL9qLi0Jusng2TP2PBgFrBoDraIQVrZZGpsJHS7yKkjnH7B6j3SRBKi2G1zR0kefGWdGfsAtOQhmHysOsixwx8t-e76ox9XGeeVlZPqpm717mADQdySmR42i_11c-Sb3ghrd8GWCWfLUhTKqXvzhtFF7-SK0Oy-hz5la2qZu3GroHJ87Vgt2HupauuwvzKI6PlsEL5yoLfAGZg11YQRHqIJ_tzeYvq9tF3tjs0dz-j4_dDV4EBjKDs9iU4GvwFJdec8TIQIEdOjlI1yVssEmOXTLeDPhg&sai=AMfl-YQhbz0uM4gm5fs0X_GBjzbm53mZjTFJjmGA8KbGdG9rmsK-3QGUMVojkbY0bnF0WcEz-63kBOAT35LU9798cMDyc51aprmYjmaJG_kc8eFhIMh7ZWaTy81v5dMBtvs&sig=Cg0ArKJSzINAtIj59sZGEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 31 Mar 2021 12:26:30 GMT
collect
stats.g.doubleclick.net/j/
4 B
424 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-54716522-2&cid=194228186.1617193589&jid=1745150829&gjid=216823955&_gid=600286437.1617193589&_u=aHDAgUArQAQCAE~&z=975797949
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 31 Mar 2021 12:26:30 GMT
content-type
text/plain
access-control-allow-origin
http://www.poststar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/
92 KB
35 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TQ9PK73&t=gtm258&cid=194228186.1617193589
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3dab02509ffe0c88da5bcd61b7924352fdc54932efb608c8fdb2e588edc4f88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:30 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36054
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:26:30 GMT
collect
www.google-analytics.com/
35 B
63 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=1214380224&t=pageview&_s=1&dl=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&ul=en-us&de=UTF-8&dt=Real%20Estate%20Open%20Houses%20Glens%20Falls%2C%20Saratoga%2C%20Adirondacks%20%3A%3A%20PostStar.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAgUArQAQCAE~&jid=1745150829&gjid=216823955&cid=194228186.1617193589&tid=UA-54716522-2&_gid=600286437.1617193589&gtm=2wg3h0TDWDC2&cd1=desktop&cd2=poststar.com&cd3=editorial&cd4=index&cd6=news&cd14=Undefined&cd17=null&cd20=anonymous&cd23=news&cg1=news&cd21=Glens%20Falls&cd22=flex-editorial&cd30=45&cd31=Fair&cd51=Glens%20Falls&cd52=2&cd75=0&cd76=%20%20%20%20%20%20%20%20%20&cd79=&cd80=&cd81=No&cd82=&cd85=no&cd86=no&cd102=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F89.0.4389.72%20safari%2F537.36&cd103=Undefined&cd104=Undefined%2C%20Undefined&cd105=5&cd106=Page%20View&cd111=undefined&cd115=notset&cd116=No&cd117=No&cd89=194228186.1617193589&z=1400424249
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Mar 2021 21:58:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52068
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
yy2
a.leetemplates.com/lee/
2 B
491 B
XHR
General
Full URL
http://a.leetemplates.com/lee/yy2
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Protocol
HTTP/1.1
Server
34.102.205.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.205.102.34.bc.googleusercontent.com
Software
akka-http/10.1.12 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Wed, 31 Mar 2021 12:26:30 GMT
Via
1.1 google
Server
akka-http/10.1.12
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
http://www.poststar.com
Access-Control-Allow-Credentials
true
Content-Type
text/plain; charset=UTF-8
Content-Length
2
yy2
a.leetemplates.com/lee/ Frame
0
0
Preflight
General
Full URL
http://a.leetemplates.com/lee/yy2
Protocol
HTTP/1.1
Server
34.102.205.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.205.102.34.bc.googleusercontent.com
Software
akka-http/10.1.12 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://www.poststar.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
http://www.poststar.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, SP-Anonymous
Access-Control-Max-Age
5
Server
akka-http/10.1.12
Date
Wed, 31 Mar 2021 12:26:30 GMT
Content-Length
0
Via
1.1 google
961211893969940
connect.facebook.net/signals/config/
244 KB
70 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/961211893969940?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ec179a70c6612cc15f73b464687aca640c5ebde31ef010b3b6061ebb235f6c6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
71180
x-fb-rlafr
0
pragma
public
x-fb-debug
dgMc0RYP8e+xe0Esd0NOBKFKVFObLJRFZNHVaGX1D5hPXhpb9RIp4gzw45ZD/LrmcnZjACXCN8j37aCmwfEaSQ==
x-fb-trip-id
2052514463
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 31 Mar 2021 12:26:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
dn1i8v75r669j.cloudfront.net/v/
67 B
489 B
Script
General
Full URL
http://dn1i8v75r669j.cloudfront.net/v/?w=i99g3gee
Requested by
Host: d81mfvml8p5ml.cloudfront.net
URL: http://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Protocol
HTTP/1.1
Server
2600:9000:21f3:c600:7:5031:dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fb292adfbeea105ed080b816b23bf0e647e6461644f8f000de511886ae81ee74

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:27 GMT
Via
1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
Connection
keep-alive
Age
3
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
wdOd9hFN0-M1T6IVtP14AoXeUHAeZORh8QF720f-cGyrhRObc_plfw==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10345586&ns__t=1617193590169&ns_c=UTF-8&cv=3.5&c8=Real%20Estate%20Open%20Houses%20Glens%20Falls%2C%20Saratoga%2C%20Adirondacks%20%3A%3A%20PostStar.com&c7=...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1617193590169&ns_c=UTF-8&cv=3.5&c8=Real%20Estate%20Open%20Houses%20Glens%20Falls%2C%20Saratoga%2C%20Adirondacks%20%3A%3A%20PostStar.com&c7...
0
528 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1617193590169&ns_c=UTF-8&cv=3.5&c8=Real%20Estate%20Open%20Houses%20Glens%20Falls%2C%20Saratoga%2C%20Adirondacks%20%3A%3A%20PostStar.com&c7=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&c9=&cs_ak_ss=1
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:30 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1617193590169&ns_c=UTF-8&cv=3.5&c8=Real%20Estate%20Open%20Houses%20Glens%20Falls%2C%20Saratoga%2C%20Adirondacks%20%3A%3A%20PostStar.com&c7=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:30 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
72 B
Other
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-G2BL49024K&gtm=2oe3h0&_p=1214380224&sr=1600x1200&_gaz=1&ul=en-us&cid=194228186.1617193589&_s=1&dl=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&dt=Real%20Estate%20Open%20Houses%20Glens%20Falls%2C%20Saratoga%2C%20Adirondacks%20%3A%3A%20PostStar.com&sid=1617193589&sct=1&seg=0&en=page_view&_fv=2&_ss=1&up.status=anonymous&up.subscription=No
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.poststar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
23 B
Other
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-G2BL49024K&cid=194228186.1617193589&gtm=2oe3h0&aip=1
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-G2BL49024K&l=dataLayer&cx=c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.poststar.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-G2BL49024K&cid=194228186.1617193589&gtm=2oe3h0&aip=1&z=735817672
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a9JORiXIKr5BlZrkHcnnVW.js
sc.tynt.com/script/sc/ Frame C8D2
937 B
1017 B
Script
General
Full URL
https://sc.tynt.com/script/sc/a9JORiXIKr5BlZrkHcnnVW.js
Requested by
Host: cdn.tynt.com
URL: http://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5f288838a9ad31e006954f556180652f85c00f6df72143326d785e568548307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.poststar.com/app/marketplace/homes/open_houses/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
145141
status
200 OK
x-xss-protection
1; mode=block
x-request-id
fc7b1b53-6aae-4c71-852c-d2b8dca91f7e
x-runtime
0.002402
x-content-digest
8e908a083520dc1d2bce8124ec704a573f531246
last-modified
Sat, 27 Mar 2021 14:07:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public, s-maxage=172800
cf-request-id
0929d8f5c8000023dfe1a5e000000001
cf-ray
63899102d87b23df-ZRH
x-rack-cache
fresh
expires
Sun, 28 Mar 2021 13:59:08 GMT
p
ic.tynt.com/b/
35 B
523 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=a9JORiXIKr5BlZrkHcnnVW&lm=6&ts=1617193590198&dn=RCIV&iso=0&us_privacy=1YNN&t=Real%20Estate%20Open%20Houses%20Glens%20Falls%2C%20Saratoga%2C%20Adirondacks%20%3A%3A%20PostStar.com
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.184 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip184.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
http://www.poststar.com/app/marketplace/homes/open_houses/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:30 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
etag
"4bc8846c-23"
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-type
image/gif
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
ga-audiences
www.google.com/ads/
42 B
111 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-54716522-2&cid=194228186.1617193589&jid=1745150829&_u=aHDAgUArQAQCAE~&z=399328322
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
483 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-54716522-2&cid=194228186.1617193589&jid=1745150829&_u=aHDAgUArQAQCAE~&z=399328322
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/
43 B
245 B
Image
General
Full URL
http://www.i.matheranalytics.com/i?e=pv&page=Real%20Estate%20Open%20Houses%20Glens%20Falls%2C%20Saratoga%2C%20Adirondacks%20%3A%3A%20PostStar.com&sec=news&ptype=index&metered=0%7C5&hier=news&cms=townnews%2Fblox&arttype=editorial&tv=js-3.0.122&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=3&tvcfg=lee&tid=2bbebb5c-e179-4404-a27c-e0023a6dda76&pid=9846bcff-7575-4885-be01-db9828f1bea5&dtm=1617193590246&qnm=_matherq&visible=1&tabid=164cc1cc-ebf2-4b5a-bafa-494ad34e4237&url=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&vp=1600x1200&ds=1600x2306&tofa=1617193590&vid=1&lvidt=1617193590&duid=6b0b55b6c8b399e1&fp=1072425006&cid=ma1527&mrk=725149320&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxNzE5MzU4Nzk4NiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxOS4zbWIiLCJoZWFwVCI6IjI0LjVtYiIsImZzdFBhaW50IjoiMTYzMiIsImZldGNoUyI6IjM2OSIsImRvbWFpblMiOiIzNzAiLCJkb21haW5FIjoiMzcxIiwiY29ublMiOiIzNzEiLCJjb25uRSI6IjM4OCIsInJlcXVTIjoiMzg4IiwicmVzcFMiOiI2MTMiLCJyZXNwRSI6IjcxOCIsImRvbUxvYWQiOiI2MTUiLCJkb21JbnRlciI6IjE2OTAiLCJkb21Mb2FkUyI6IjE2OTYiLCJkb21Mb2FkRSI6IjE3MDkifSwia2V5d29yZHMiOlsib3BlbiBob3VzZXMiLCJyZWFsIGVzdGF0ZSIsInNob3dpbmdzIiwiaG9tZXMgZm9yIHNhbGUiLCJ1cHN0YXRlIG5ldyB5b3JrIGhvbWVzIiwid2FycmVuIGNvdW50eSBvcGVuIGhvdXNlcyIsImZhcm1zIiwidmFjYXRpb24gaG9tZXMiLCJyZW50YWwgcHJvcGVydHkiXX0
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
HTTP/1.1
Server
54.166.210.103 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-210-103.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:30 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
/
www.facebook.com/tr/
0
107 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryjhRQZTTrFOAhUreB

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Wed, 31 Mar 2021 12:26:30 GMT
content-type
text/plain
access-control-allow-origin
http://www.poststar.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
/
www.facebook.com/tr/
44 B
236 B
Image
General
Full URL
https://www.facebook.com/tr/?id=961211893969940&ev=Domain&dl=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&rl=&if=false&ts=1617193590298&cd[custom_param]=poststar.com&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1617193590288.591751299&it=1617193590127&coo=false&rqm=GET
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 31 Mar 2021 12:26:30 GMT
sic.js
cdn-sic.33across.com/1/javascripts/ Frame C8D2
441 KB
129 KB
Script
General
Full URL
https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by
Host: cdn.tynt.com
URL: http://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.39.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
32a7ced3ccdc6b7327926b3cdd3b989e1c6faa327b2c2e850043d52945062d57

Request headers

Referer
http://www.poststar.com/app/marketplace/homes/open_houses/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 16 Mar 2021 21:31:47 GMT
server
cloudflare
age
500772
x-powered-by
Love
etag
W/"605123c3-6e581"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
63899103da9d2325-ZRH
cf-request-id
0929d8f66900002325dc052000000001
expires
Wed, 31 Mar 2021 13:26:30 GMT
i99g3gee_content_config_1616508928715.js
dkpklk99llpj0.cloudfront.net/
741 B
1 KB
Script
General
Full URL
http://dkpklk99llpj0.cloudfront.net/i99g3gee_content_config_1616508928715.js
Requested by
Host: d81mfvml8p5ml.cloudfront.net
URL: http://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Protocol
HTTP/1.1
Server
2600:9000:20eb:5200:e:98bf:5f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5986af015b65afced1df1e2b5920c55790f2da55a963154befd162a13f981cf

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Mar 2021 14:30:37 GMT
Via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 23 Mar 2021 14:15:30 GMT
Server
AmazonS3
Age
683754
ETag
"08b2ce75b37089d3f59ec03fb7e4b900"
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
741
X-Amz-Cf-Id
zySGVgXWdtX4Eo4K6lwDXWDoGFOTQxn3crNR5De9wMR3KoZtp5KwQQ==
i99g3gee_1606137453919.js
dkpklk99llpj0.cloudfront.net/
48 KB
15 KB
Script
General
Full URL
http://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Requested by
Host: d81mfvml8p5ml.cloudfront.net
URL: http://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Protocol
HTTP/1.1
Server
2600:9000:20eb:5200:e:98bf:5f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19ee3ded1fe83e848e9b5cb0831689460e07c7d3d867fc692c84dc1106086293

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 14:53:53 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 23 Nov 2020 13:17:46 GMT
Server
AmazonS3
Age
3965558
ETag
W/"c1157a2d0ff0aa862fb2fbffb06ab4d1"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=utf-8
Via
1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
OVl8MrxTUW4m3_vAUOdhZKNLUcyz4t1Hw24ivIC94kOmE03ZVPkN7Q==
/
am.freshrelevance.com/tpc/ Frame E586
5 KB
5 KB
Document
General
Full URL
http://am.freshrelevance.com/tpc/
Requested by
Host: dkpklk99llpj0.cloudfront.net
URL: http://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Protocol
HTTP/1.1
Server
52.30.36.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-36-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
55c58a81ad956f2675d0ff48fd771d80e452878036ad5b2c5a37f18bc731f8cd

Request headers

Host
am.freshrelevance.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://www.poststar.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.poststar.com/

Response headers

Date
Wed, 31 Mar 2021 12:26:30 GMT
Content-Length
4662
Connection
keep-alive
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 2516
2 KB
1 KB
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
fc8cbf5a35532137fd68de77a639b965065c14026147fd1be69b47e124726ab6

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2WVdU4BX0vDkokIBxWrRx0; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&dcc=t

Response headers

Server
Server
Date
Wed, 31 Mar 2021 12:26:30 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
690
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
view
securepubads.g.doubleclick.net/pcs/ Frame 78A9
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9g2IkXY2msyyoobxQDFx_LFfrwMtey9JYbRk_x6-w7bQ0tnByq-b4NAYP_Ak11MeZyj51Eez6mDdryfPZHUdEOHsdenV_ppyYKArSwMMNPy1f28yl_GJAQHJTr_Dbx6qeOW0EQ61p_4jJIeE7-uofspydEACA8IZvxMNbNvRI6mpbfgYht33OkYzbWU0i0Quc_MUDIsuV-pyPrWZhcv3yG_fUF7m9eJ2ah8IQC31Qu79XAjnleJBvu22T41fCyir_-4NAwos2NtBNxri6Epv7AH3lI0GW1cnNzae486rXiJlVJw&sig=Cg0ArKJSzPZ_HyIMpoDsEAE&adurl=
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 78A9
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:25:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Apr 2021 12:25:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 78A9
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617017751739567"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36599
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:26:30 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/ Frame 78A9
24 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210322/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7bc5cdc982210fa5f543ec21cb32c7246c3226cc4d48a525248df920af7eb107
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 11:58:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1694
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10339
x-xss-protection
0
server
cafe
etag
15412717976415995934
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 14 Apr 2021 11:58:16 GMT
1942100694512070982
tpc.googlesyndication.com/simgad/ Frame 78A9
163 KB
163 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1942100694512070982
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4c9f79c63e59fa4998656fa056fdbc913748d2a17eb1b5f0429c02e900118eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 03 Mar 2021 14:28:24 GMT
server
sffe
x-dns-prefetch-control
off
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166651
x-xss-protection
0
expires
Thu, 31 Mar 2022 12:26:30 GMT
truncated
/ Frame 78A9
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0683cd99aba155b159a55dbbaa2b4d8adb1f45aadc6034fa671212911c4877cc

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
v2
de.tynt.com/deb/
4 B
359 B
Script
General
Full URL
https://de.tynt.com/deb/v2?id=a9JORiXIKr5BlZrkHcnnVW&dn=RCIV&cc=1&r=&us_privacy=1YNN
Requested by
Host: cdn.tynt.com
URL: http://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip182.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer
http://www.poststar.com/app/marketplace/homes/open_houses/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:30 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Sat, 26 Jul 1997 05:00:00 GMT
usersync
rtb.gumgum.com/ Frame 2516
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4977858355
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4977858355
  • https://sync.1rx.io/usersync/tradedesk/08ecce6a-86b7-43c9-98a7-eb020357e223
  • https://sync.targeting.unrulymedia.com/csync/RX-085e59db-593e-44d2-8320-545435dd19c9-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-085e59db-593e-44d2-8320-545435dd19c9-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-085e59db-593e-44d2-8320-545435dd19c9-003
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-085e59db-593e-44d2-8320-545435dd19c9-003
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:32 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Date
Wed, 31 Mar 2021 12:26:32 GMT
Server
Tengine
ETag
RX085e59db593e44d28320545435dd19c9003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-085e59db-593e-44d2-8320-545435dd19c9-003
Connection
keep-alive
Content-Type
text/html
amzns2s
rtb.gumgum.com/usync/ Frame 35CB
3 KB
1 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
aaeac710ad8f357ac539c9a355875d0d50e2d3b93105a7ce901437903b25b04e

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:30 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9; Domain=.gumgum.com; Expires=Thu, 31-Mar-2022 12:26:30 GMT; Path=/; Secure; SameSite=None
etag
W/"03c323fdba9b625699443753d12a651fe"
timing-allow-origin
*
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2AEF
8 KB
3 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=90083
Expires
Thu, 01 Apr 2021 13:27:53 GMT
Date
Wed, 31 Mar 2021 12:26:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame DBBB
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Mar 2021 12:26:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 84AB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-5LB7IGF1l2NuAEUwlzdaJTuJS37QqKc-&
43 B
344 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-5LB7IGF1l2NuAEUwlzdaJTuJS37QqKc-&
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2WVdU4BX0vDkokIBxWrRx0; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Wed, 31 Mar 2021 12:26:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Date
Wed, 31 Mar 2021 12:26:30 GMT
Content-Length
0
Strict-Transport-Security
max-age=31536000
Set-Cookie
IDSYNC=18y4~1xb0;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Fri, 01-Apr-2022 12:26:30 GMT;Secure;SameSite=None A3=d=AQABBHZqZGACELOKgJww9cC1BnOtAk9vAFsFEgEBAQG7ZWBuYAAAAAAA_SMAAA&S=AQAAAmPtTYCn4hAyCkGJlhWMM4o; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=5m03f9tg68qjm&b=3&s=04; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-5LB7IGF1l2NuAEUwlzdaJTuJS37QqKc-&
Age
0
Connection
keep-alive
Server
ATS/7.1.2.128
cm
u.openx.net/w/1.0/ Frame EB56
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BO...
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3...
628 B
726 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.1 /
Resource Hash
ddb9f0a8cead4ff30e9d6f6c76bbe6056a71ddeb6a35dabf82240ec16d14f934

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=8c6305cf-037b-0815-1978-65277892d36b|1617193590
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=8c6305cf-037b-0815-1978-65277892d36b|1617193590; Version=1; Expires=Thu, 31-Mar-2022 12:26:30 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1617193590|gen0vNiygu; Version=1; Expires=Thu, 15-Apr-2021 12:26:30 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 31 Mar 2021 12:26:30 GMT
content-type
text/html
content-length
393
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=8c6305cf-037b-0815-1978-65277892d36b|1617193590; Version=1; Expires=Thu, 31-Mar-2022 12:26:30 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.1
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
date
Wed, 31 Mar 2021 12:26:30 GMT
content-length
0
via
1.1 google
alt-svc
clear
ecm3
aax-eu.amazon-adsystem.com/s/ Frame DB1D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=districtm
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Ddistrictm
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=108873596649824390&ex=districtm
43 B
344 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=108873596649824390&ex=districtm
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2WVdU4BX0vDkokIBxWrRx0; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Wed, 31 Mar 2021 12:26:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Wed, 31 Mar 2021 12:26:30 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=108873596649824390&ex=districtm
AN-X-Request-Uuid
029e6d8d-0c2e-4266-8860-8a1a358bc43d
Set-Cookie
uuid2=108873596649824390; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 29-Jun-2021 12:26:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.101:80
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C652
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=2
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4727255393733069352
43 B
344 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4727255393733069352
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2WVdU4BX0vDkokIBxWrRx0; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Wed, 31 Mar 2021 12:26:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Wed, 31 Mar 2021 12:26:29 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=4727255393733069352
set-cookie
pid=4727255393733069352; expires=Sun, 01 May 2022 12:25:30 GMT; domain=smartadserver.com; path=/; samesite=None; secure; samesite=none
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 56AF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=8302113262692078232&ex=appnexus.com
43 B
344 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=8302113262692078232&ex=appnexus.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2WVdU4BX0vDkokIBxWrRx0; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Wed, 31 Mar 2021 12:26:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Wed, 31 Mar 2021 12:26:30 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=8302113262692078232&ex=appnexus.com
AN-X-Request-Uuid
a5d3ff91-6947-46fa-b7d0-d8ce30f5bf12
Set-Cookie
uuid2=8302113262692078232; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 29-Jun-2021 12:26:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.37:80
Cookie set amazon
ap.lijit.com/beacon/ Frame 94AF
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB
Document
General
Full URL
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b5f530893dfec0ab589764a1d76308089700121de76d6f6b913e326ec3d69dfb

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=e7e84a57a9c0f08dda39c58c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Wed, 31 Mar 2021 12:26:30 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJyrVrIwU7IyNDO0MDEwNrQ00FEyNTAwRBUxMUblGxqh8Q2MUFTUAgDUyhDo;Path=/;Domain=.lijit.com;Expires=Thu, 31-Mar-2022 12:26:30 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=e7e84a57a9c0f08dda39c58c;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap3ams1

Redirect headers

Server
nginx
Date
Wed, 31 Mar 2021 12:26:30 GMT
Content-Length
0
Set-Cookie
ljt_reader=e7e84a57a9c0f08dda39c58c;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap3ams1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C864
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=12031610581631977591
43 B
344 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=12031610581631977591
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2WVdU4BX0vDkokIBxWrRx0; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Wed, 31 Mar 2021 12:26:30 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Wed, 31 Mar 2021 12:26:30 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=12031610581631977591
set-cookie
tluid=12031610581631977591; Max-Age=7776000; Expires=Tue, 29 Jun 2021 12:26:30 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
view
securepubads.g.doubleclick.net/pcs/ Frame C8D2
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEK49F6AxrsDYUCs7R4bIuF26KIQB5IXDWKqIcZD_tkJgOHmz3vnBLUgZtiMBIwKL4Qa-QkERgaxS8ZG4myztD7Qx0b9uziWWYMA4l39GPcAcXmvhdkaOgmoOckLbH_YJoS95ArXtTJhoCgLTb73Lwa_XqKt-dUkoj2Yww5fGjB-G5YWUML9-R9-lAiczz-ApHk-n6FOVbEpwVrl3smek9JaBwiPgIsK2rqkPF4IYv1a44vKUsyfHGhBp_yblhx2900tdSQynoZUfUHWFHssFvGVS0NXSiMoBwJeNn80DRR3fD0wlq&sai=AMfl-YT2W7g6f3SCEtzrSLV4vmVHcuRfiIEXofeh6tnPpH3PKT7BZsx9hW_qpIJ_ArlP8f6A6dGN393XdYuwOyWJQ6ZKkVxTo6IxTFNmq5dhZmbpLb9XznLD-mW_ozHw14A&sig=Cg0ArKJSzJG9JjZcvwYoEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 31 Mar 2021 12:26:30 GMT
sic.css
cdn-sic.33across.com/1/stylesheets/
7 KB
2 KB
Stylesheet
General
Full URL
https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.39.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 16 Mar 2021 21:31:47 GMT
server
cloudflare
age
500767
x-powered-by
Love
etag
W/"605123c3-1c90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3600
cf-ray
638991056e3d2325-ZRH
cf-request-id
0929d8f76200002325e28b0000000001
expires
Wed, 31 Mar 2021 13:26:30 GMT
ast.js
acdn.adnxs.com/ast/ Frame 45DE
87 KB
31 KB
Script
General
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
1ffb3eb67476de4a642893eefb2ffd33e62c7474808fc21438d5a961cd4982f6

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 14:55:39 GMT
Server
nginx/1.13.10
ETag
"6022a26b-15c8c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
30966
Expires
Thu, 01 Apr 2021 12:26:32 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 3014
119 KB
31 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 22:11:28 GMT
content-encoding
gzip
server
Server
age
51302
etag
9e0e0829d91a39f75ba9ebfdbaf1f5a9
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
GYObFiYQFsAPpwZjonnhqGiTvSP1inUf
x-amz-cf-id
EBE9WmSrUFJZYZ9dbHqSudb9yZClyD596OP5Yo9NMqUPvksnltFwsQ==
authorize
sic.33across.com/
2 KB
1 KB
Script
General
Full URL
https://sic.33across.com/authorize?usPrivacy=1YNN&version=3.15.0&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&product=inview&userId=&sessionId=&publisherURL=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&referrerURL=&publisherId=a9JORiXIKr5BlZrkHcnnVW&publisher=lee728.net&maxTouchPoints=0&navigatorPropsCount=33&viewportWidth=1600&viewportHeight=1200&screenWidth=1600&screenHeight=1200&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=1600&pageHeight=2618&_=1617193590623&callback=_tynt_jp.a7dkvvwym
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-110.static.steadfastdns.net
Software
/ Love
Resource Hash
af5b302476d70d5a88a1e754caae011855e9fd3b6d67bfd633b58a4645d66cc3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-powered-by
Love
etag
W/"64b-W2TlislnrBQ8kBqo7FZ0hQUazG0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
access-control-allow-origin
*
access-control-allow-credentials
true
content-type
text/javascript; charset=utf-8
access-control-allow-headers
X-Requested-With, Authorization
view
securepubads.g.doubleclick.net/pcs/ Frame 78A9
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudhwzJo-CR2qol70CGF3Q1wXn25ASJJI6pJvQi0KunIEJ2KuAqWyCT0xdopfs_LaZUWhoPQCj8tIjP89z-u46HHzLvEmqn0xOvxra3XEbxoKxgywRvs2ucm7Uhse23j9loG0kGd_LjFwXXwzDJEVqMxPpC1lH04sUHudkf9vYEIedSPyanHhIhVqERQxK-JFrq2inX4AyoVm4nZVR-_bu2MBTsddl8gsKrcJAvQdCtO-2qtoIRoWba0EhknTdXVcZAunwg51Bd3DOByoEXDAc4wKTAxakDkzxLyJ2QbOj_HI0LTJJL&sig=Cg0ArKJSzBwgaAAGsR8nEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 31 Mar 2021 12:26:30 GMT
v2
de.tynt.com/deb/
4 B
258 B
Script
General
Full URL
https://de.tynt.com/deb/v2?m=xch&id=a9JORiXIKr5BlZrkHcnnVW&dn=RCIV&cc=1&r=&us_privacy=1YNN
Requested by
Host: cdn.tynt.com
URL: http://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.182 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip182.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer
http://www.poststar.com/app/marketplace/homes/open_houses/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:30 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Sat, 26 Jul 1997 05:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 3014
6 KB
3 KB
XHR
General
Full URL
http://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:26 GMT
Content-Encoding
gzip
Vary
Accept-Encoding,Origin
Age
5
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Sat, 06 Mar 2021 01:32:40 GMT
Server
AmazonS3
ETag
W/"a4d296427fc806b21335359e398c025c"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
x-amz-version-id
Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
Via
1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Amz-Cf-Pop
DUS51-C1
Content-Type
application/javascript
X-Amz-Cf-Id
R3DcLof-SFFm1XmuL04gYv73v4uUTTmj9ypz6kGEtHxpDhkGIbQmvw==
ecm3
aax-eu.amazon-adsystem.com/s/ Frame EB56
43 B
344 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=071946eb-b656-8c18-83a0-2f5874862b76
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:30 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EB56
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=C7PLRQviykcQ4ZlEDrbQSVnlmBQQtZtBX-ZJLBjm
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=C7PLRQviykcQ4ZlEDrbQSVnlmBQQtZtBX-ZJLBjm
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:30 GMT
via
1.1 google
server
OXGW/16.205.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=C7PLRQviykcQ4ZlEDrbQSVnlmBQQtZtBX-ZJLBjm
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame EB56
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6084857982209174542
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6084857982209174542
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:31 GMT
via
1.1 google
server
OXGW/16.205.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:30 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6084857982209174542
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame EB56
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=5fcf3a96-aafc-37e2-43ae-adcf1cb5e096&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.45.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-45-237.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame EB56
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzNhMGU5NWMtNjM4Yi02OTQ2LTU2NGUtZjc3NmQ2NTcyZWY2
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EB56
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKPUs3nUlC696HMzYrWDOYI&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKPUs3nUlC696HMzYrWDOYI&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:30 GMT
via
1.1 google
server
OXGW/16.205.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKPUs3nUlC696HMzYrWDOYI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
am.freshrelevance.com/
1 B
97 B
XHR
General
Full URL
https://am.freshrelevance.com/get?data=%7B%22type%22%3A%22heartbeat%22%2C%22data%22%3A%7B%22c%22%3A%221gv56fb4g7%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36%22%2C%22w%22%3A%22i99g3gee%22%7D%7D
Requested by
Host: dkpklk99llpj0.cloudfront.net
URL: http://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.36.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-36-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 31 Mar 2021 12:26:30 GMT
content-type
text/plain; charset=utf-8
showad.js
ads.pubmatic.com/AdServer/js/ Frame A999
37 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=83114
Expires
Thu, 01 Apr 2021 11:31:44 GMT
Date
Wed, 31 Mar 2021 12:26:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame DBBB
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f560ef51d47e36158a7122135ebb881eda3ea0fc010728c0451a61efa6c2d51a

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Mar 2021 16:06:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75474
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9491
Expires
Thu, 01 Apr 2021 09:24:24 GMT
usersync
rtb.gumgum.com/ Frame 35CB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=8302113262692078232
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=8302113262692078232
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:30 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.148:80
AN-X-Request-Uuid
23bd66b0-b97c-4128-9f0d-150575a279c2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=8302113262692078232
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 35CB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9&gdpr=&gdpr_consent=&us_privacy=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=ebd18937-0baa-4edb-bdfb-6a058c5c304f
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk3d818633-c41b-4027-8813-0f896438a8db&expires=7&user_group=5&ssp=gumgum2&bsw_param=ebd18937-0baa-4edb-bdfb-6a058c5c304f
  • https://rtb.gumgum.com/usersync?b=bsw&i=ebd18937-0baa-4edb-bdfb-6a058c5c304f
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=ebd18937-0baa-4edb-bdfb-6a058c5c304f
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:34 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=ebd18937-0baa-4edb-bdfb-6a058c5c304f
date
Wed, 31 Mar 2021 12:26:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
syncPartner
sync.outbrain.com/ Frame 35CB
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28Zwm3LceiH5EQrirlaoBaax7h4GjLWqBYjIEYXqASmPq3vF7ElV4vyHH-fJnA3jiN%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9&obuid=ENC(Zwm3LceiH5EQrirlaoBaax7h4GjLWqBYjIEYXqASmPq3vF7ElV4vyHH-fJnA3jiN)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
0
145 B
Image
General
Full URL
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:31 GMT
Cache-Control
no-cache
X-TraceId
b46901e3f2a9aa7bf3b2dba1974cc714
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
Date
Wed, 31 Mar 2021 12:26:31 GMT
X-TraceId
5c783829557ce14cb60fc2b61bb953f8
Content-Length
0
usersync
rtb.gumgum.com/ Frame 35CB
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=a8f29ee6-82e9-0fb4-24d5-bd22d4e5e1d0
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=a8f29ee6-82e9-0fb4-24d5-bd22d4e5e1d0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 31 Mar 2021 12:26:30 GMT
content-encoding
gzip
server
OXGW/16.205.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=a8f29ee6-82e9-0fb4-24d5-bd22d4e5e1d0
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 35CB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-cd6d9307-2796-4904-534d-f69539957c84$ip$185.156.175.107
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-cd6d9307-2796-4904-534d-f69539957c84$ip$185.156.175.107
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-cd6d9307-2796-4904-534d-f69539957c84$ip$185.156.175.107
Date
Wed, 31 Mar 2021 12:26:31 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 35CB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-MPLFctxE2pdD8q8bHMSLbCi.5jFeobEvD1tp~A
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-MPLFctxE2pdD8q8bHMSLbCi.5jFeobEvD1tp~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Wed, 31 Mar 2021 12:26:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-MPLFctxE2pdD8q8bHMSLbCi.5jFeobEvD1tp~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 35CB
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
  • https://rtb.gumgum.com/usersync?b=vnt&i=52e76d5f-921c-11eb-bff9-b9567abcfdd5
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=52e76d5f-921c-11eb-bff9-b9567abcfdd5
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=52e76d5f-921c-11eb-bff9-b9567abcfdd5
Date
Wed, 31 Mar 2021 12:26:30 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
52e76d60-921c-11eb-bff9-b9567abcfdd5
services
sync.technoratimedia.com/ Frame 35CB
0
293 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:31 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
79321076
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 35CB
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:30 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame 35CB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
67
Content-Type
text/html; charset=utf-8
RX-085e59db-593e-44d2-8320-545435dd19c9-003
sync.targeting.unrulymedia.com/csync/ Frame 35CB
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5072976874
  • https://sync.1rx.io/usersync/tradedesk/08ecce6a-86b7-43c9-98a7-eb020357e223
  • https://sync.targeting.unrulymedia.com/csync/RX-085e59db-593e-44d2-8320-545435dd19c9-003
43 B
452 B
Image
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-085e59db-593e-44d2-8320-545435dd19c9-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.147.151 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:32 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:31 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-085e59db-593e-44d2-8320-545435dd19c9-003
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
usersync
rtb.gumgum.com/ Frame 35CB
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=iakbZ1vZDAKY&ev=1&pid=558355
35 B
237 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=iakbZ1vZDAKY&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=iakbZ1vZDAKY&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-hlpqn
expires
-1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 35CB
43 B
344 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:31 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 9F2F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=85596064-6a76-4300-89d6-8d9fa9d29021&gdpr=&gdpr_consent=
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=85596064-6a76-4300-89d6-8d9fa9d29021&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=85596064-6a76-4300-89d6-8d9fa9d29021&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 31 Mar 2021 12:26:31 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 31 Mar 2021 12:27:23 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Cache-Control
no-cache
set-cookie
uuid=85596064-6a76-4300-89d6-8d9fa9d29021; domain=.mathtag.com; path=/; expires=Thu, 28-Apr-2022 12:26:30 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=85596064-6a76-4300-89d6-8d9fa9d29021&gdpr=&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 3628 75f709e master cdg-pixel-x8
Expires
Wed, 31 Mar 2021 12:27:22 GMT
usersync
rtb.gumgum.com/ Frame 45D4
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YGRqdgAAAGgtaToG
  • https://rtb.gumgum.com/usersync?b=atm&i=YGRqdgAAAGgtaToG&gdpr=&gdpr_consent=&_test=YGRqdgAAAGgtaToG
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YGRqdgAAAGgtaToG&gdpr=&gdpr_consent=&_test=YGRqdgAAAGgtaToG
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YGRqdgAAAGgtaToG&gdpr=&gdpr_consent=&_test=YGRqdgAAAGgtaToG
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 31 Mar 2021 12:26:31 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YGRqdgAAAGgtaToG&gdpr=&gdpr_consent=&_test=YGRqdgAAAGgtaToG
accept-ranges
bytes
date
Wed, 31 Mar 2021 12:26:31 GMT
via
1.1 varnish
x-served-by
cache-fra19177-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1617193591.030335,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6026
170 B
484 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV83ZjY0OGFkZC1iZWEwLTRhYzMtOTE0ZC02ZjZhYjVjNjc1YTk=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV83ZjY0OGFkZC1iZWEwLTRhYzMtOTE0ZC02ZjZhYjVjNjc1YTk=&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUldSfWO9lcYxJTchBI64rG0MLs2K19_FfGrqzIDbd_w3RomYSYxDKyN4heZK6Q
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Wed, 31 Mar 2021 12:26:30 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 10AA
8 KB
3 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=90083
Expires
Thu, 01 Apr 2021 13:27:53 GMT
Date
Wed, 31 Mar 2021 12:26:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame BEE3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=08ecce6a-86b7-43c9-98a7-eb020357e223&t=1619785590
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=08ecce6a-86b7-43c9-98a7-eb020357e223&t=1619785590
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=08ecce6a-86b7-43c9-98a7-eb020357e223&t=1619785590
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 31 Mar 2021 12:26:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 31 Mar 2021 12:26:30 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=08ecce6a-86b7-43c9-98a7-eb020357e223&t=1619785590
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=08ecce6a-86b7-43c9-98a7-eb020357e223; domain=.adsrvr.org; expires=Thu, 31-Mar-2022 12:26:30 GMT; path=/; secure; SameSite=None TDCPM=CAEYBSABKAIyCwim2LCg3pK6ORAFOAE.; domain=.adsrvr.org; expires=Thu, 31-Mar-2022 12:26:30 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame 3EB5
0
0
Document
General
Full URL
https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Wed, 31 Mar 2021 12:26:31 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 1F90
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YGRqeMCo8XcAAHpX6NQAAAAA
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YGRqeMCo8XcAAHpX6NQAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YGRqeMCo8XcAAHpX6NQAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 31 Mar 2021 12:26:32 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Wed, 31 Mar 2021 12:26:32 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YGRqeMCo8XcAAHpX6NQAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie
SOC=YGRqeMCo8XcAAHpX6NQAAAAA; path=/; expires=Fri, 31-Mar-23 12:26:32 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time
1
X-SO-HostName
a-ad40363.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng19.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":47,"gdpr":false,"ipv4":"185.156.175.107","key":"YGRqeMCo8XcAAHpX6NQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40363"}
X-SO-Key
YGRqeMCo8XcAAHpX6NQAAAAA
X-SO-IP
185.156.175.107
X-SO-Cluster-ID
47
X-SO-Upstream-ID
a-ad40363
usersync
rtb.gumgum.com/ Frame DE64
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1871878968814641318
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1871878968814641318
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1871878968814641318
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 31 Mar 2021 12:26:32 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Wed, 31 Mar 2021 12:26:32 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAAFslxmtoZmhuaGlsamlkYGAEAO0rhWsQAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 25 Apr 2022 12:26:32 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwByILSzMLC0MTMxNDY0MLIT5D3VR_p4p459CM7JQSNyleQzNDc0NLY1NLIwMDIwDZCdNdNAAAAA; Path=/; Domain=.rfihub.com; Expires=Mon, 25 Apr 2022 12:26:32 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwByILSzMLC0MTMxNDY0MLIT5D3VR_p4p459CM7JQSNwAVIF-EJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1871878968814641318
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 73D8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://ams.creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=99EYpyI0tSEqWc1j5Ew4&pi=gumgum&tc=1
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=99EYpyI0tSEqWc1j5Ew4&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=99EYpyI0tSEqWc1j5Ew4&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Wed, 31 Mar 2021 12:26:32 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Wed, 31 Mar 2021 12:26:31 GMT Wed, 31 Mar 2021 12:26:31 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=99EYpyI0tSEqWc1j5Ew4&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=961211893969940&ev=Microdata&dl=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&rl=&if=false&ts=1617193590854&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Real%20Estate%20Open%20Houses%20Glens%20Falls%2C%20Saratoga%2C%20Adirondacks%20%3A%3A%20PostStar.com%22%2C%22meta%3Akeywords%22%3A%22open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property%22%2C%22meta%3Adescription%22%3A%22Find%20open%20houses%20in%20Glens%20Falls%2C%20Queensbury%2C%20%20Lake%20George%2C%20Fort%20Ann%2C%20Fort%20Edward%2C%20Hudson%20Falls%2C%20Moreau%2C%20South%20Glens%20Falls%2C%20Granville%2C%20Hartford%2C%20Argyle%2C%20Gansevoort%2C%20Lake%20Luzerne%2C%20Corinth%2C%20Saratoga%2C%20Bolton%2C%20Johnsburg%2C%20Whitehall%2C%20Northumberland%20in%20upstate%20New%20York.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22http%3A%2F%2Fpoststar.com%22%2C%22sameAs%22%3A%5B%22%2Ffacebook%22%2C%22%2Ftwitter%22%2C%22%2Fyoutube%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fthe_post_star%2F%22%5D%7D%2C%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22http%3A%2F%2Fpoststar.com%22%2C%22sameAs%22%3A%5B%22%2Ffacebook%22%2C%22%2Ftwitter%22%2C%22%2Fyoutube%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fthe_post_star%2F%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&fbp=fb.1.1617193590288.591751299&it=1617193590127&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 31 Mar 2021 12:26:30 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 94AF
43 B
344 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=e7e84a57a9c0f08dda39c58c&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:30 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 94AF
45 B
371 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=e7e84a57a9c0f08dda39c58c&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 31 Mar 2021 12:26:32 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 31 Mar 2021 12:26:32 GMT
merge
ce.lijit.com/ Frame 94AF
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=8302113262692078232&gdpr=0&gdpr_consent=
43 B
843 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=12&3pid=8302113262692078232&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:32 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:30 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.24:80
AN-X-Request-Uuid
00fdd89b-9a6c-4a83-87e9-5104b55fe71c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ce.lijit.com/merge?pid=12&3pid=8302113262692078232&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 94AF
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ams.creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=99EYpyI0tSEqWc1j5Ew4&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
43 B
844 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=86&3pid=99EYpyI0tSEqWc1j5Ew4&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:32 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=99EYpyI0tSEqWc1j5Ew4&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
pragma
no-cache
date
Wed, 31 Mar 2021 12:26:31 GMT, Wed, 31 Mar 2021 12:26:31 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 94AF
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=e7e84a57a9c0f08dda39c58c/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent=
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=e7e84a57a9c0f08dda39c58c/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=5001&3pid=b7c336b6956950f94192a944cf16fbd7&gdpr=0&gdpr_consent=
43 B
1 KB
Image
General
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=b7c336b6956950f94192a944cf16fbd7&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:32 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:32 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=b7c336b6956950f94192a944cf16fbd7&gdpr=0&gdpr_consent=
cache-control
no-cache
x-server
10.45.21.67
content-length
0
expires
0
merge
ce.lijit.com/ Frame 94AF
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=iwgmxotZJ8SQWnTHjg09ytledZeQDnbC310IzWh4
43 B
864 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=iwgmxotZJ8SQWnTHjg09ytledZeQDnbC310IzWh4
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:32 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=iwgmxotZJ8SQWnTHjg09ytledZeQDnbC310IzWh4
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame DBBB
284 B
953 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?us_privacy=1YNN
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg
PugMaster
image6.pubmatic.com/AdServer/ Frame A999
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56464298&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4ce7c72c64a4a380ecdbe7925f26f4df5e703444e35ed16ab4d77243586a691c

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:33 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
showad.js
ads.pubmatic.com/AdServer/js/ Frame 100E
37 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=156657:2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=83113
Expires
Thu, 01 Apr 2021 11:31:44 GMT
Date
Wed, 31 Mar 2021 12:26:31 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame DBBB
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&us_privacy=1YNN
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KMXFB4ZN-B-ET4L&ex=d-rubiconproject.com&status=ok&us_privacy=1YNN
43 B
344 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KMXFB4ZN-B-ET4L&ex=d-rubiconproject.com&status=ok&us_privacy=1YNN
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:31 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KMXFB4ZN-B-ET4L&ex=d-rubiconproject.com&status=ok&us_privacy=1YNN
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 56BC
58 KB
19 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
d09bf7038c6fbe117545fa9d1c36537b53fcafa5a211f8cb85b7e5a81b39d0fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"828 / 735 of 1000 / last-modified: 1617189203"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19717
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:26:31 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 45DE
19 B
870 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:31 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.134:80
AN-X-Request-Uuid
a93e5978-6f3c-4d40-b5f6-55892a4e0134
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.poststar.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 45DE
19 B
869 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:31 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.76:80
AN-X-Request-Uuid
803f067d-ed21-424a-8508-632c48f72cce
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.poststar.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 45DE
19 B
869 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:31 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.23:80
AN-X-Request-Uuid
b2e43fab-7b48-4fcd-a3cb-481d61b549c5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.poststar.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
exchange
ssc.33across.com/api/
88 B
654 B
XHR
General
Full URL
https://ssc.33across.com/api/exchange
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-78-134.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
b3a8551f39a914eb638113f77ba53d3477697583b5fe99131341bef0f3bc8546

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Mar 2021 12:26:31 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.poststar.com
access-control-allow-credentials
true
pubads_impl_2021032202.js
securepubads.g.doubleclick.net/gpt/ Frame 56BC
286 KB
100 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
783355ba48d24f37c27cafa383cef88a462f95b7fc65d4fdaf57a0bcca7f371c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Mar 2021 18:01:52 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102487
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:26:31 GMT
709414.gif
id.rlcdn.com/ Frame DBBB
0
42 B
Image
General
Full URL
https://id.rlcdn.com/709414.gif?us_privacy=1YNN
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:31 GMT
via
1.1 google
alt-svc
clear
content-length
0
tap.php
pixel.rubiconproject.com/ Frame DBBB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YNN
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/NyGUeemPD64EjCFDT1bWdA?csrc=&us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5387666777562533276
42 B
710 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5387666777562533276
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

date
Wed, 31 Mar 2021 12:26:31 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5387666777562533276
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DBBB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1YNN
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01YRkI0Wk4tQi1FVDRM&us_privacy=1YNN
170 B
190 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01YRkI0Wk4tQi1FVDRM&us_privacy=1YNN
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01YRkI0Wk4tQi1FVDRM&us_privacy=1YNN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame DBBB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1YNN
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMXFB4ZN-B-ET4L&sigv=1&esig=2~a72e35d4543b21ddccca62fba5f3ce64fc03f255&us_privacy=1YNN
0
292 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMXFB4ZN-B-ET4L&sigv=1&esig=2~a72e35d4543b21ddccca62fba5f3ce64fc03f255&us_privacy=1YNN
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:31 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMXFB4ZN-B-ET4L&sigv=1&esig=2~a72e35d4543b21ddccca62fba5f3ce64fc03f255&us_privacy=1YNN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame DBBB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=85596064-6a76-4300-89d6-8d9fa9d29021
42 B
710 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=85596064-6a76-4300-89d6-8d9fa9d29021
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

Date
Wed, 31 Mar 2021 12:27:23 GMT
Server
MT3 3628 75f709e master cdg-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=85596064-6a76-4300-89d6-8d9fa9d29021
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 31 Mar 2021 12:27:22 GMT
tap.php
pixel.rubiconproject.com/ Frame DBBB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YGRqdgAAAGgtaToG&us_privacy=1YNN
42 B
710 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YGRqdgAAAGgtaToG&us_privacy=1YNN
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:31 GMT
via
1.1 varnish
server
Varnish
x-timer
S1617193591.189095,VS0,VE0
x-served-by
cache-fra19177-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YGRqdgAAAGgtaToG&us_privacy=1YNN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame DBBB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIEslfPK5bSsF7C5RjOgfIw&google_cver=1
42 B
710 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIEslfPK5bSsF7C5RjOgfIw&google_cver=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEIEslfPK5bSsF7C5RjOgfIw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DBBB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YNN
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGI0NjRhYmQwM2VlOTgzM2VkNDViMmE5MDQ5MDE5NjBiYTg4YzI1MQ&us_privacy=1YNN
170 B
190 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGI0NjRhYmQwM2VlOTgzM2VkNDViMmE5MDQ5MDE5NjBiYTg4YzI1MQ&us_privacy=1YNN
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_pm-db5_rbd_n-vmg_rx_ox-db5_dm_smrt_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGI0NjRhYmQwM2VlOTgzM2VkNDViMmE5MDQ5MDE5NjBiYTg4YzI1MQ&us_privacy=1YNN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
activeview
pagead2.googlesyndication.com/pcs/ Frame C8D2
42 B
501 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssw_p00YNX_ECh0VGNHhkMUIycUC6AOKSyBpafOKPpULvbqRP2RdztYXV6izYWggKHelT86z4_brpusHL3D67dvG8YSIz3gumamuAObjfc&sig=Cg0ArKJSzLK6UpsUH9ZoEAE&id=osdim&mcvt=1000&p=1,800,2,801&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210329&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=867577994&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1617193589770&dlt=0&rpt=419&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 78A9
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJBnI2aVDrn0J6DzVKHI6GhOcvEbq6LI5D01kF3NqiCmMeOZedHu5xCx51UpvyD0c05NIRssujFjcwp6FDG0pDyN8WzUkisGKkf2Wsq98&sig=Cg0ArKJSzON6CWq3SvRUEAE&id=osdim&mcvt=1001&p=212,315,462,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210329&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=831975835&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1617193590397&dlt=0&rpt=118&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ch/adsid/ Frame 56BC
107 B
146 B
Script
General
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.poststar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 56BC
107 B
146 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.poststar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 56BC
335 B
193 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3956463812228235&correlator=4290517510522257&output=ldjh&impl=fif&eid=31060311%2C31060473%2C31060550%2C31060297%2C31060367%2C44739387&vrg=2021032202&ptt=17&us_privacy=1YNN&sc=0&sfv=1-0-38&ecs=20210331&iu_parts=32867010%2CA_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=c%3D10%26r%3D110%26d%3Dlee728.net%26g%3Da9JORiXIKr5BlZrkHcnnVW%26gd%3Da9JORiXIKr5BlZrkHcnnVW%253Adesktop%26cc%3D0%26pf%3D50%26gm%3D54%26gf%3D42%26ag1%3D14%26ag2%3D15%26ag3%3D66%26ivt%3D24%26iva%3D82%26ivb%3D71%26ivc%3D63%26ivd%3D25%26ive%3D4%26ivp%3D95%26osr%3D97%26pre%3Dapnx%253Ae102%2Cttx%253A0%26pre_sz%3Dapnx%253A0x0%2Cttx%253A0x0%26tier%3Dapnx%253A0%2Cttx%253A0%26hb%3D0&cookie=ID%3D3e3b17b966668bbc%3AT%3D1617193589%3AS%3DALNI_MZZ7ZHoKMBfymUZM7z37_IDajH8Aw&cdm=www.poststar.com&bc=23&abxe=1&lmt=1617193591&dt=1617193591747&dlt=1617193591100&idt=113&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=1598&adys=62&adks=657788913&ucis=d8ogqmgvb09b&ifi=1&ifk=410702474&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&ref=http%3A%2F%2Fwww.poststar.com%2F&top=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&vis=1&scr_x=0&scr_y=0&psz=284x134&msz=284x90&ga_vid=194228186.1617193589&ga_sid=1617193592&ga_hid=394115153&ga_fc=true&fws=256&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
c7dd7408ff486893c0fea5d756d60e7e9fa7545104c704d9020015304afc8f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.poststar.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5061f0b7eeb00b407e24883bf29dd77b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 56BC
0
0
Other
General
Full URL
https://5061f0b7eeb00b407e24883bf29dd77b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:809::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 56BC
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/getconfig/ Frame 56BC
8 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021032202&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e3300944d5be3cffc3e0d5ed64b97e662c37985e21857d3e7825761c69926d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6400
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 56BC
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:26:32 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame FD87
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.poststar.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.poststar.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 31 Mar 2021 10:02:47 GMT
expires
Thu, 31 Mar 2022 10:02:47 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
8625
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
pagead2.googlesyndication.com/bg/ Frame FD87
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 14:21:16 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
79516
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5666
x-xss-protection
0
expires
Wed, 30 Mar 2022 14:21:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 56BC
0
224 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021032202&jk=3956463812228235&bg=!vb6lvvrNAAbUo7L91KM7ACkAdvg8WgY7i2CxTDqSgo2xx4XsscC8VU96t1Goury4mJsz_nsFXQGOwwIAAAB9UgAAAAtoAQcKAYV8sqVMvuh0UkU5a1e67fxZV-J5IdrxU8fv618KB0PfuqxzHqFxxs8xTfM6yIQfpSMqtsJRqVTspOJCLy-YnzBOuIM9qfpkUOB3KqHShAhpa5cWFdl1QhZtb1oPr3jeQKI9zbAG7Wg_JX99sAMxqu5BFePeVq7HqRzrgejuMksokGEGruGAie67DrYGh9ofdRMs_DT0WIr26-W5VNLmt_TdasLZJUXXgdxvOytc4Mvgcm15f4X1N59FKB7y3BZH6B5TTHnfLIjCqTa_ZxnJHtsYtPviDarT9bgfO7SOBd5t-Bn9alHeiVqWNvSaYyqBr8hvrNT5gsEOjqUqKQDZ8IuYdns38XMi-uFxFVTRSw7HhoGW9cAoU6Ocl4rSfGZv-k0AqnnF4r0FRr4CKqsd1P4vxdytapsoD3cEAFqaUSjgeehXLFtl4g5Ej3Rw_dkHoG_Ep6-Mc0Y9g0AgCWc5jfWVRJ2oFBuunUNXT2jvl7jHgoaE0oFPOkuO9pfYYIb09y5F4d4kbJkB6e5vYyq8F6bjw5dF9cIj9uXJkZPc9loKEo3F9CTJdpICJSywP3zvdi4gLo9WuJ76Y2amIMwm2rzFeMj4kCLllzqsYIbv4JDEaM-rvYNzGKZfU_HYJIsQoA5d4ryG74NIqeHTDUHhuZcJIoSP7wTdfZXSlhmhiUJ5ZXoMKAx-8pEi9_Pit1s5R_NGUnx4_1bKuelRZDLso13WTNMn4PAISK9ghYCn0FqgYlUVWXHMq0pPMG31NiAoO0gl-5dysqOCOKDzS9mg71viyLfjQsxbkOfXP6-t7TU-Idge7oIiJEpmlxyD3P2SI5LrNBoKK0auU06TlA4LiZzZC3ovFJY3r9bkFKW8amVSMP0l0vJV4qrfdfDAjFygPFVyo8XhdxyMkb6vsqAkfxWVk1KeMG5Hxy4gLSc5x23wME8xbizxIKiwI5DeNfBt8Ef5kYlXsutIm7DxwmHPngGjH-0v4LaVVnTaxhmCJBgnjIV_mQNZatomS77XFzQGgdHNCufrZtKYMGl402ZPWARKxiy2UwvnLI-QktBZUrurwh4tRM3xTNkTkBuVO_TIELgVJhOCTcrR13AFxBu2G5sIZFUQmF1l0gpvsjZcEPcIgp5K5g1Jm8bQZn91394ltU8oRUdIfJqTkDC5-dXxKhz6FQ
Requested by
Host: www.poststar.com
URL: http://www.poststar.com/app/marketplace/homes/open_houses/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 100E
37 KB
14 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=83110
Expires
Thu, 01 Apr 2021 11:31:44 GMT
Date
Wed, 31 Mar 2021 12:26:34 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame DE8A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6230805304824807909
42 B
769 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6230805304824807909
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56464298&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=922F6019-CFB5-42B7-B6F9-4C3869EA172E; pi=2:4; chkChromeAb67Sec=2; DPSync3=1618358400%3A226_219_197_221_201_227%7C1617235200%3A174; SyncRTB3=1619740800%3A203%7C1618444800%3A35%7C1617753600%3A2_67_223_15%7C1618012800%3A63%7C1618358400%3A13_8_204_22_165_161_56_71_166_88_176_21_81_55_7_3_54_220_189; KRTBCOOKIE_218=22978-YGRqdgAAAGgtaToG&KRTB&23194-YGRqdgAAAGgtaToG&KRTB&23209-YGRqdgAAAGgtaToG&KRTB&23244-YGRqdgAAAGgtaToG; PugT=1617193592; PUBMDCID=3; KRTBCOOKIE_22=14911-3532233991374577907; KRTBCOOKIE_1101=23040-6945793597534369939; KRTBCOOKIE_27=16735-uid:85596064-6a76-4300-89d6-8d9fa9d29021&KRTB&16736-uid:85596064-6a76-4300-89d6-8d9fa9d29021&KRTB&23019-uid:85596064-6a76-4300-89d6-8d9fa9d29021&KRTB&23114-uid:85596064-6a76-4300-89d6-8d9fa9d29021
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 31 Mar 2021 12:26:34 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-6230805304824807909; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 30-Apr-2021 12:26:34 GMT; path=/ PugT=1617193594; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 30-Apr-2021 12:26:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 12:26:34 GMT; path=/
X-lat
lhrpug005:0:483
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6230805304824807909
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame D9FC
43 B
325 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56464298&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Wed, 31 Mar 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
990
x-powered-by
ASP.NET
date
Wed, 31 Mar 2021 12:26:33 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame B0E3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDNHNVN0F5TlVBQUNmcVRPdXBaZw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAC4sU7AyNUAACfqTOupZg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAC4sU7AyNUAACfqTOupZg&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAC4sU7AyNUAACfqTOupZg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4727255393733069352
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC4sU7AyNUAACfqTOupZg
42 B
773 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC4sU7AyNUAACfqTOupZg
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56464298&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=922F6019-CFB5-42B7-B6F9-4C3869EA172E; pi=2:4; chkChromeAb67Sec=2; DPSync3=1618358400%3A226_219_197_221_201_227%7C1617235200%3A174; SyncRTB3=1619740800%3A203%7C1618444800%3A35%7C1617753600%3A2_67_223_15%7C1618012800%3A63%7C1618358400%3A13_8_204_22_165_161_56_71_166_88_176_21_81_55_7_3_54_220_189; KRTBCOOKIE_218=22978-YGRqdgAAAGgtaToG&KRTB&23194-YGRqdgAAAGgtaToG&KRTB&23209-YGRqdgAAAGgtaToG&KRTB&23244-YGRqdgAAAGgtaToG; PUBMDCID=3; KRTBCOOKIE_22=14911-3532233991374577907; KRTBCOOKIE_1101=23040-6945793597534369939; KRTBCOOKIE_27=16735-uid:85596064-6a76-4300-89d6-8d9fa9d29021&KRTB&16736-uid:85596064-6a76-4300-89d6-8d9fa9d29021&KRTB&23019-uid:85596064-6a76-4300-89d6-8d9fa9d29021&KRTB&23114-uid:85596064-6a76-4300-89d6-8d9fa9d29021; KRTBCOOKIE_153=1923-hM93qoSedqifnSWrgcpsptaZJPufySeu0Jo2iwRn&KRTB&19420-hM93qoSedqifnSWrgcpsptaZJPufySeu0Jo2iwRn&KRTB&22979-hM93qoSedqifnSWrgcpsptaZJPufySeu0Jo2iwRn; KRTBCOOKIE_391=22924-6084857982209174542&KRTB&23263-6084857982209174542; KRTBCOOKIE_57=22776-8302113262692078232; KRTBCOOKIE_80=16514-CAESEADnTo2SWrhJ8NeN_NromsY&KRTB&22987-CAESEADnTo2SWrhJ8NeN_NromsY&KRTB&23025-CAESEADnTo2SWrhJ8NeN_NromsY; KRTBCOOKIE_377=6810-08ecce6a-86b7-43c9-98a7-eb020357e223&KRTB&22918-08ecce6a-86b7-43c9-98a7-eb020357e223&KRTB&23031-08ecce6a-86b7-43c9-98a7-eb020357e223; KRTBCOOKIE_336=5844-6230805304824807909; KRTBCOOKIE_1074=22956-e_7f648add-bea0-4ac3-914d-6f6ab5c675a9; KRTBCOOKIE_188=3189-0e39abfa-45d9-439a-83e7-0ee23208d7ed-60646a7a-4348; KRTBCOOKIE_466=16530-ebd18937-0baa-4edb-bdfb-6a058c5c304f; KRTBCOOKIE_409=22966-1qUcCCHUZ5VAPg6eIaXGWkDK&KRTB&23212-1qUcCCHUZ5VAPg6eIaXGWkDK; PugT=1617193594
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 31 Mar 2021 12:26:34 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AAC4sU7AyNUAACfqTOupZg; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 30-Apr-2021 12:26:34 GMT; path=/ PugT=1617193594; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 30-Apr-2021 12:26:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 12:26:34 GMT; path=/
X-lat
lhrpug014:0:293
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Wed, 31 Mar 2021 12:26:34 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC4sU7AyNUAACfqTOupZg
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame A778
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6945793597534369939
42 B
771 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6945793597534369939
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=56464298&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=922F6019-CFB5-42B7-B6F9-4C3869EA172E; pi=2:4; chkChromeAb67Sec=2; DPSync3=1618358400%3A226_219_197_221_201_227%7C1617235200%3A174; SyncRTB3=1619740800%3A203%7C1618444800%3A35%7C1617753600%3A2_67_223_15%7C1618012800%3A63%7C1618358400%3A13_8_204_22_165_161_56_71_166_88_176_21_81_55_7_3_54_220_189; KRTBCOOKIE_218=22978-YGRqdgAAAGgtaToG&KRTB&23194-YGRqdgAAAGgtaToG&KRTB&23209-YGRqdgAAAGgtaToG&KRTB&23244-YGRqdgAAAGgtaToG; PugT=1617193592; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 31 Mar 2021 12:26:32 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6945793597534369939; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 30-Apr-2021 12:26:32 GMT; path=/ PugT=1617193592; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 30-Apr-2021 12:26:32 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 12:26:32 GMT; path=/
X-lat
amspug015:0:629
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 31 Mar 2021 12:26:34 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6945793597534369939; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6945793597534369939
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 50B3
43 B
344 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=922F6019-CFB5-42B7-B6F9-4C3869EA172E&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.124.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A2WVdU4BX0vDkokIBxWrRx0; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Wed, 31 Mar 2021 12:26:34 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A999
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ki9gGc-1Qre2-Uw4aeoXLg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=90079
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Thu, 01 Apr 2021 13:27:53 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame A999
95 B
421 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=922F6019-CFB5-42B7-B6F9-4C3869EA172E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:34 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6389911b4e354ec2-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0929d9050f00004ec2f695b000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame A999
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=922F6019-CFB5-42B7-B6F9-4C3869EA172E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=922F6019-CFB5-42B7-B6F9-4C3869EA172E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=922F6019-CFB5-42B7-B6F9-4C3869EA172E&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:32 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:32 GMT
frontend-id
10
location
/pubmatic/1/info2?sType=sync&sExtCookieId=922F6019-CFB5-42B7-B6F9-4C3869EA172E&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame A999
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=922F6019-CFB5-42B7-B6F9-4C3869EA172E&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=922F6019-CFB5-42B7-B6F9-4C3869EA172E&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=922F6019-CFB5-42B7-B6F9-4C3869EA172E&addseg=31
7 B
147 B
Image
General
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=922F6019-CFB5-42B7-B6F9-4C3869EA172E&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:37 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Wed, 31 Mar 2021 12:26:34 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=922F6019-CFB5-42B7-B6F9-4C3869EA172E&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
simage2.pubmatic.com/AdServer/ Frame A999
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=08ecce6a-86b7-43c9-98a7-eb020357e223
42 B
882 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=08ecce6a-86b7-43c9-98a7-eb020357e223
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:32 GMT
X-lat
amspug003:0:404
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:34 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=08ecce6a-86b7-43c9-98a7-eb020357e223
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame A999
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6084857982209174542
42 B
801 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6084857982209174542
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:33 GMT
X-lat
amspug014:0:371
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:34 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6084857982209174542
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame A999
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEADnTo2SWrhJ8NeN_NromsY&google_cver=1
42 B
855 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEADnTo2SWrhJ8NeN_NromsY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:34 GMT
X-lat
lhrpug003:0:626
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEADnTo2SWrhJ8NeN_NromsY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A999
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:85596064-6a76-4300-89d6-8d9fa9d29021&gdpr=0&gdpr_consent=
42 B
946 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:85596064-6a76-4300-89d6-8d9fa9d29021&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:32 GMT
X-lat
amspug006:0:374
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Wed, 31 Mar 2021 12:27:26 GMT
Server
MT3 3628 75f709e master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:85596064-6a76-4300-89d6-8d9fa9d29021&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 31 Mar 2021 12:27:25 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A999
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8302113262692078232&gdpr=0&gdpr_consent=
42 B
769 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8302113262692078232&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:34 GMT
X-lat
lhrpug010:0:485
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:34 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.55:80
AN-X-Request-Uuid
c63dc6cc-0e26-4946-a394-ae4058d62769
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8302113262692078232&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
922F6019-CFB5-42B7-B6F9-4C3869EA172E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A999
43 B
604 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/922F6019-CFB5-42B7-B6F9-4C3869EA172E?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:34 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame A999
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=922F6019-CFB5-42B7-B6F9-4C3869EA172E&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Y8qGp5xE2uVEpuHoLvMd5xhDyzeTXPw-~A&gdpr=0&gdpr_consent=
0
418 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Y8qGp5xE2uVEpuHoLvMd5xhDyzeTXPw-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:33 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 31 Mar 2021 12:26:34 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Y8qGp5xE2uVEpuHoLvMd5xhDyzeTXPw-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame A999
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=ebd18937-0baa-4edb-bdfb-6a058c5c304f
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=ebd18937-0baa-4edb-bdfb-6a058c5c304f
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=b9e6b050-c2de-4fba-be1e-d4e6c631efda&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ebd18937-0baa-4edb-bdfb-6a058c5c304f&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ebd18937-0baa-4edb-bdfb-6a058c5c304f&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:33 GMT
X-lat
amspug017:0:386
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ebd18937-0baa-4edb-bdfb-6a058c5c304f&gdpr=&gdpr_consent=&gdpr_pd=
date
Wed, 31 Mar 2021 12:26:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame A999
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3532233991374577907&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3532233991374577907&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:32 GMT
X-lat
amspug018:0:346
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3532233991374577907&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 31 Mar 2021 12:26:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame A999
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hM93qoSedqifnSWrgcpsptaZJPufySeu0Jo2iwRn
42 B
894 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hM93qoSedqifnSWrgcpsptaZJPufySeu0Jo2iwRn
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:34 GMT
X-lat
lhrpug011:0:482
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:34 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=hM93qoSedqifnSWrgcpsptaZJPufySeu0Jo2iwRn
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A999
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YGRqdgAAAGgtaToG&gdpr=0&gdpr_consent=
1 B
809 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YGRqdgAAAGgtaToG&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:32 GMT
X-lat
amspug013:0:284
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:34 GMT
via
1.1 varnish
server
Varnish
x-timer
S1617193594.140749,VS0,VE0
x-served-by
cache-fra19177-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YGRqdgAAAGgtaToG&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame A999
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:21bcf63a-d5ea-4e5b-9473-baa8290ba49a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:21bcf63a-d5ea-4e5b-9473-baa8290ba49a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:33 GMT
X-lat
amspug008:0:419
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:21bcf63a-d5ea-4e5b-9473-baa8290ba49a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 31 Mar 2021 12:26:34 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame A999
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=0e39abfa-45d9-439a-83e7-0ee23208d7ed-60646a7a-4348&gdpr=0&gdpr_consent=
42 B
800 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=0e39abfa-45d9-439a-83e7-0ee23208d7ed-60646a7a-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:34 GMT
X-lat
lhrpug015:0:460
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:33 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=0e39abfa-45d9-439a-83e7-0ee23208d7ed-60646a7a-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame A999
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=922F6019-CFB5-42B7-B6F9-4C3869EA172E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:34 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pubmatic
um.simpli.fi/ Frame A999
43 B
609 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 30 Mar 2021 12:26:35 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A999
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8302113262692078232
42 B
505 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8302113262692078232
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:36 GMT
X-lat
amspug008:0:365
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:37 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.136:80
AN-X-Request-Uuid
f9d136ee-f82f-4477-ac61-b02e0242dc61
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8302113262692078232
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 100E
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80311354&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f93443fc903018908a6fc84cb05ea8a17542b10c47ed4bed35019ffdfec1621f

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:33 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 9296
35 B
468 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=922F6019-CFB5-42B7-B6F9-4C3869EA172E
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80311354&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=922F6019-CFB5-42B7-B6F9-4C3869EA172E
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=6084857982209174542
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 31 Mar 2021 12:26:34 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=6084857982209174542; expires=Sun, 30 May 2021 12:26:34 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame D277
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=1qUcCCHUZ5VAPg6eIaXGWkDK
42 B
811 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=1qUcCCHUZ5VAPg6eIaXGWkDK
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80311354&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=922F6019-CFB5-42B7-B6F9-4C3869EA172E; pi=2:4; chkChromeAb67Sec=2; DPSync3=1618358400%3A226_219_197_221_201_227%7C1617235200%3A174; SyncRTB3=1619740800%3A203%7C1618444800%3A35%7C1617753600%3A2_67_223_15%7C1618012800%3A63%7C1618358400%3A13_8_204_22_165_161_56_71_166_88_176_21_81_55_7_3_54_220_189; KRTBCOOKIE_218=22978-YGRqdgAAAGgtaToG&KRTB&23194-YGRqdgAAAGgtaToG&KRTB&23209-YGRqdgAAAGgtaToG&KRTB&23244-YGRqdgAAAGgtaToG; PUBMDCID=3; KRTBCOOKIE_22=14911-3532233991374577907; KRTBCOOKIE_1101=23040-6945793597534369939; KRTBCOOKIE_27=16735-uid:85596064-6a76-4300-89d6-8d9fa9d29021&KRTB&16736-uid:85596064-6a76-4300-89d6-8d9fa9d29021&KRTB&23019-uid:85596064-6a76-4300-89d6-8d9fa9d29021&KRTB&23114-uid:85596064-6a76-4300-89d6-8d9fa9d29021; KRTBCOOKIE_153=1923-hM93qoSedqifnSWrgcpsptaZJPufySeu0Jo2iwRn&KRTB&19420-hM93qoSedqifnSWrgcpsptaZJPufySeu0Jo2iwRn&KRTB&22979-hM93qoSedqifnSWrgcpsptaZJPufySeu0Jo2iwRn; KRTBCOOKIE_391=22924-6084857982209174542&KRTB&23263-6084857982209174542; KRTBCOOKIE_57=22776-8302113262692078232; KRTBCOOKIE_80=16514-CAESEADnTo2SWrhJ8NeN_NromsY&KRTB&22987-CAESEADnTo2SWrhJ8NeN_NromsY&KRTB&23025-CAESEADnTo2SWrhJ8NeN_NromsY; KRTBCOOKIE_377=6810-08ecce6a-86b7-43c9-98a7-eb020357e223&KRTB&22918-08ecce6a-86b7-43c9-98a7-eb020357e223&KRTB&23031-08ecce6a-86b7-43c9-98a7-eb020357e223; KRTBCOOKIE_336=5844-6230805304824807909; KRTBCOOKIE_1074=22956-e_7f648add-bea0-4ac3-914d-6f6ab5c675a9; KRTBCOOKIE_188=3189-0e39abfa-45d9-439a-83e7-0ee23208d7ed-60646a7a-4348; KRTBCOOKIE_466=16530-ebd18937-0baa-4edb-bdfb-6a058c5c304f; PugT=1617193593
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 31 Mar 2021 12:26:34 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-1qUcCCHUZ5VAPg6eIaXGWkDK&KRTB&23212-1qUcCCHUZ5VAPg6eIaXGWkDK; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 30-Apr-2021 12:26:34 GMT; path=/ PugT=1617193594; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 30-Apr-2021 12:26:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 12:26:34 GMT; path=/
X-lat
lhrpug014:0:397
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Wed, 31 Mar 2021 12:26:34 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=1qUcCCHUZ5VAPg6eIaXGWkDK; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=1qUcCCHUZ5VAPg6eIaXGWkDK
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame 43F9
43 B
408 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80311354&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Wed, 31 Mar 2021 12:26:35 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame EAA0
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
445 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80311354&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=asnoeUxZduBnRApTpshdlZdbOq3PQtPTZaqg0RZbcMgb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 31 Mar 2021 12:26:34 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=d3567bacb492c85e3b6521a62dbb187971617193594; expires=Fri, 30-Apr-21 12:26:34 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=a4nseFSZdIiiSTnMSYlklOVedF9Xf0oQC6RV9nvqtXuyaUA2bYbsZak1Q4ZaHyndVIrZciAvaGRlvw423nAZbEcZdP; path=/; domain=.tribalfusion.com; expires=Tue, 29-Jun-2021 12:26:34 GMT; SameSite=None; Secure; ANON_ID_old=a4nseFSZdIiiSTnMSYlklOVedF9Xf0oQC6RV9nvqtXuyaUA2bYbsZak1Q4ZaHyndVIrZciAvaGRlvw423nAZbEcZdP; path=/; domain=.tribalfusion.com; expires=Tue, 29-Jun-2021 12:26:34 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0929d905fc00004ec20713e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6389911cc8fc4ec2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 31 Mar 2021 12:26:34 GMT
content-type
text/html
set-cookie
__cfduid=d3567bacb492c85e3b6521a62dbb187971617193594; expires=Fri, 30-Apr-21 12:26:34 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=asnoeUxZduBnRApTpshdlZdbOq3PQtPTZaqg0RZbcMgb; path=/; domain=.tribalfusion.com; expires=Tue, 29-Jun-2021 12:26:34 GMT; SameSite=None; Secure; ANON_ID_old=asnoeUxZduBnRApTpshdlZdbOq3PQtPTZaqg0RZbcMgb; path=/; domain=.tribalfusion.com; expires=Tue, 29-Jun-2021 12:26:34 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
673
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
0929d9054f00004ec22b0d4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6389911bbf094ec2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame CD33
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=iakbZ1vZDAKY&pid=557219
1 B
463 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=iakbZ1vZDAKY&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=80311354&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KADUSERCOOKIE=922F6019-CFB5-42B7-B6F9-4C3869EA172E; pi=2:4; chkChromeAb67Sec=2; DPSync3=1618358400%3A226_219_197_221_201_227%7C1617235200%3A174; SyncRTB3=1619740800%3A203%7C1618444800%3A35%7C1617753600%3A2_67_223_15%7C1618012800%3A63%7C1618358400%3A13_8_204_22_165_161_56_71_166_88_176_21_81_55_7_3_54_220_189; KRTBCOOKIE_218=22978-YGRqdgAAAGgtaToG&KRTB&23194-YGRqdgAAAGgtaToG&KRTB&23209-YGRqdgAAAGgtaToG&KRTB&23244-YGRqdgAAAGgtaToG; PUBMDCID=3; KRTBCOOKIE_22=14911-3532233991374577907; KRTBCOOKIE_1101=23040-6945793597534369939; KRTBCOOKIE_27=16735-uid:85596064-6a76-4300-89d6-8d9fa9d29021&KRTB&16736-uid:85596064-6a76-4300-89d6-8d9fa9d29021&KRTB&23019-uid:85596064-6a76-4300-89d6-8d9fa9d29021&KRTB&23114-uid:85596064-6a76-4300-89d6-8d9fa9d29021; KRTBCOOKIE_153=1923-hM93qoSedqifnSWrgcpsptaZJPufySeu0Jo2iwRn&KRTB&19420-hM93qoSedqifnSWrgcpsptaZJPufySeu0Jo2iwRn&KRTB&22979-hM93qoSedqifnSWrgcpsptaZJPufySeu0Jo2iwRn; PugT=1617193594
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 31 Mar 2021 12:26:33 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 29-Jun-2021 12:26:33 GMT; path=/
X-lat
amspug010:0:353
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-7c488d4f5b-hlpqn
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
set-cookie
V=iakbZ1vZDAKY;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sat, 26-Mar-2022 12:26:34 GMT;Max-Age=31104000;SameSite=None
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=iakbZ1vZDAKY&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
usersync
rtb.gumgum.com/ Frame 1E9E
35 B
237 B
Document
General
Full URL
https://rtb.gumgum.com/usersync?b=pbm&i=922F6019-CFB5-42B7-B6F9-4C3869EA172E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.11.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-11-193.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=pbm&i=922F6019-CFB5-42B7-B6F9-4C3869EA172E
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 31 Mar 2021 12:26:34 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*
mw
mwzeom.zeotap.com/ Frame 100E
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=922F6019-CFB5-42B7-B6F9-4C3869EA172E
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b7c336b6956950f94192a944cf16fbd7
  • https://spl.zeotap.com/?zdid=1332&zcluid=b1ffbb581582e690
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=900dacf9-3f71-443f-5e64-4894f1cf27fd&reqId=233f3153-e669-4a8d-74ea-1ee425df25ab&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGw5sn_BP1MwUqb0NbCQEqI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=900dacf9-3f71-443f-5e64-4894f1cf27fd&reqId=233f3153-e669-4a8d-74ea-1ee...
95 B
179 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEGw5sn_BP1MwUqb0NbCQEqI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=900dacf9-3f71-443f-5e64-4894f1cf27fd&reqId=233f3153-e669-4a8d-74ea-1ee425df25ab&zcluid=b1ffbb581582e690&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
638991243e224ec2-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0929d90a9f00004ec2d403f000000001

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEGw5sn_BP1MwUqb0NbCQEqI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=900dacf9-3f71-443f-5e64-4894f1cf27fd&reqId=233f3153-e669-4a8d-74ea-1ee425df25ab&zcluid=b1ffbb581582e690&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 100E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=85596064-6a76-4300-89d6-8d9fa9d29021
0
418 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=85596064-6a76-4300-89d6-8d9fa9d29021
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:33 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 31 Mar 2021 12:27:26 GMT
Server
MT3 3628 75f709e master cdg-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=85596064-6a76-4300-89d6-8d9fa9d29021
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 31 Mar 2021 12:27:25 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 100E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTIyRjYwMTktQ0ZCNS00MkI3LUI2RjktNEMzODY5RUExNzJF&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:34 GMT
X-lat
lhrpug020:0:515
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 100E
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9
42 B
790 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:34 GMT
X-lat
amspug009:0:368
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_7f648add-bea0-4ac3-914d-6f6ab5c675a9
date
Wed, 31 Mar 2021 12:26:34 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
SPug
simage4.pubmatic.com/AdServer/ Frame A999
0
587 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156657&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Wed, 31 Mar 2021 12:26:36 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
SPug
simage4.pubmatic.com/AdServer/ Frame 100E
0
587 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Wed, 31 Mar 2021 12:26:35 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
rt=ifr
bcp.crwdcntrl.net/5/c=6894/rand=698716296/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20poststar%20%3A%20Total%20Site%20T... Frame E53F
1 KB
2 KB
Document
General
Full URL
https://bcp.crwdcntrl.net/5/c=6894/rand=698716296/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20poststar%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20app/med=%23OpR%2372333%23Keyword%20%3A%20open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property/rb=%7B%22meta_tag%22%3A%22open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property%22%7D/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/6894/cc.js?ns=_cc6894
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9d9f421bee4d971fdd9be0f659cd833a81a6cf67851af191f73e17a4c18a01f9

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/c=6894/rand=698716296/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20poststar%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20app/med=%23OpR%2372333%23Keyword%20%3A%20open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property/rb=%7B%22meta_tag%22%3A%22open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property%22%7D/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.poststar.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_cc_dc=1; _cc_id=b7c336b6956950f94192a944cf16fbd7; _cc_cc="ACZ4XmNQSDJPNjY2SzKzNAUigzRLE0NLo0RLE5PkNEOztKQUcwYgSEjJqgDRUAAARPQKPQ%3D%3D"; _cc_aud="ABR4XmNgYGBISMmqAFJQAAAUhgGn"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.poststar.com/

Response headers

date
Wed, 31 Mar 2021 12:26:37 GMT
content-type
text/html;charset=UTF-8
content-length
1403
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.16.187
set-cookie
_cc_id=b7c336b6956950f94192a944cf16fbd7;Path=/;Domain=crwdcntrl.net;Expires=Sun, 26-Dec-2021 12:12:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQSDJPNjY2SzKzNAUigzRLE0NLo0RLE5PkNEOztKQUcwYgSEjJqv39%2F%2F9%2FfhAHDOS%2Bf%2BiTY3xnyvCfkZHh4vo93DD29HMT4OLnlyDEP76fJART8%2F7RDX4Yu%2FU7Qv3VY28FYOIdvefganY%2BQ9h1vecQ3K6%2Fny2ZIE7YowV2yPI%2FhagC544eYkYV%2BbtxCguqyKVTj9hQRXbvuyyAKvKh4T6ayOHFc9DMmbP%2BKTeqro8nTmmgirxbgq7r7El1VCWXl99mYYT6Z%2Be5m%2Fww9upTCPGPXY%2Fgah58Q4ifWHyWHab%2B8gGEOACHkKlc";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 26-Dec-2021 12:12:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBISMmqBVIQwM7AwDUDxGRcNwtMac2GUGAes8YuMG%2BDOJhaNx9IAgAD2ggk";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 26-Dec-2021 12:12:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*
sodar
pagead2.googlesyndication.com/getconfig/
8 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021032202&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9a07ca0edd727abba42d42faf316441cd1571f7acc5e8ba3e61b40060a96a9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6533
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 31 Mar 2021 12:26:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame DC28
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.poststar.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.poststar.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 31 Mar 2021 10:02:47 GMT
expires
Thu, 31 Mar 2022 10:02:47 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
8630
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
pagead2.googlesyndication.com/bg/ Frame DC28
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/qcWZRcRw4fq915xPB9DSJSeGn7Tspit4rZWzDhmsliY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 14:21:16 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
79521
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5666
x-xss-protection
0
expires
Wed, 30 Mar 2022 14:21:16 GMT
tpid=08ecce6a-86b7-43c9-98a7-eb020357e223
bcp.crwdcntrl.net/map/c=10620/tp=TRAD/ Frame E53F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://bcp.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=08ecce6a-86b7-43c9-98a7-eb020357e223
49 B
239 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=08ecce6a-86b7-43c9-98a7-eb020357e223
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6894/rand=698716296/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20poststar%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20app/med=%23OpR%2372333%23Keyword%20%3A%20open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property/rb=%7B%22meta_tag%22%3A%22open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:37 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.28.186
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://bcp.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=08ecce6a-86b7-43c9-98a7-eb020357e223
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
382416.gif
idsync.rlcdn.com/ Frame E53F
42 B
394 B
Image
General
Full URL
https://idsync.rlcdn.com/382416.gif?partner_uid=b7c336b6956950f94192a944cf16fbd7&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6894/rand=698716296/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20poststar%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20app/med=%23OpR%2372333%23Keyword%20%3A%20open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property/rb=%7B%22meta_tag%22%3A%22open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:37 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
/
x.skimresources.com/ Frame E53F
0
0
Image
General
Full URL
https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=b7c336b6956950f94192a944cf16fbd7
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6894/rand=698716296/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20poststar%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20app/med=%23OpR%2372333%23Keyword%20%3A%20open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property/rb=%7B%22meta_tag%22%3A%22open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.255.22 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

g.json
aa.agkn.com/adscores/ Frame E53F
103 B
415 B
Script
General
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6894/rand=698716296/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20poststar%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20app/med=%23OpR%2372333%23Keyword%20%3A%20open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property/rb=%7B%22meta_tag%22%3A%22open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.225.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-225-117.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:37 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
application/json
content-length
103
expires
0
utsync.ashx
ml314.com/ Frame E53F
43 B
422 B
Image
General
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=b7c336b6956950f94192a944cf16fbd7&gdpr=0&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6894/rand=698716296/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20poststar%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20app/med=%23OpR%2372333%23Keyword%20%3A%20open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property/rb=%7B%22meta_tag%22%3A%22open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property%22%7D/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.20.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:36 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0,Thu, 01 Apr 2021 08:26:37 GMT
/
loadm.exelator.com/load/ Frame E53F
0
324 B
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=260&buid=b7c336b6956950f94192a944cf16fbd7&j=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=6894/rand=698716296/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20poststar%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20app/med=%23OpR%2372333%23Keyword%20%3A%20open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property/rb=%7B%22meta_tag%22%3A%22open%20houses%2C%20real%20estate%2C%20showings%2C%20homes%20for%20sale%2C%20upstate%20new%20york%20homes%2C%20warren%20county%20open%20houses%2C%20farms%2C%20vacation%20homes%2C%20rental%20property%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:37 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
gen_204
pagead2.googlesyndication.com/pagead/
0
46 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021032202&jk=2744083097514323&bg=!urmluf3NAAbUo7L91KM7ACkAdvg8WvgCV1raQCon1RExChcHzfW8wEtUX6IQXDWgcScvrtCqzjACCgIAAAB4UgAAAAtoAQcKANYRg3EKo2eY7GbqOLNl2gBKsHwv9dTlUpI9dhLFIItdkk05E1cXskzeJ11MTC8AwFuT9WLLU65nWh_txnOf9QjEvy5vIEMOr1AESJG-07kV3FEFPlbPfCGe-O8kwG2LFqzJk8vG_ZopStoMXa9dw_EbIIwGwkKrj706Spny2O4ss9LkloOnKDObMNePvEewvAz7BpROIeBVE15uWOQO7XVtqwMOpnqtX9q0c5SzCSNWX0vdd8QgZ9MoUwxUsSClNbOLQKqadUzOfQZ7y1gEm2_468dB-yAFmQHSCla9N2nYOQQ3G2QwwEDAuN2Kh_NpydWlQZszZjCnQEeJo4is0-qLzRDCy045IEAxCgNRp4QOZwLMfXaQYj3L9067GQFuMcmfzZ54Bii8XqLwVDCwlGouz6Ce_-eZdwhux1w8e21bhzj1IA1zOu2APWvgmNaGEZun2hDTjVuj8KM-Mtw_x9b0panNa3uXK5oqTwG4Vpa3qKiKsUzSJLO4_rzKF6tgaATGaPtSR8jqFqnPkWzkI_qUk8batyZXJMCRabmvuhWVTEscrtXK75f_SQQU_soeCWayGBj3trpXwdyr6es_kePUYUIVu5IFWHMQCttyswnf09T6Jotqr2ENSMVGATWj_-T6NbVbRGxgxlGfPmYvzb2AdmxqEDe2MDim7VEANF-DxXJ0c5v54feCVsAVNlhBoJIxmzDsOhT6Q1JYU6uPa0pyo_n3knGV2QWuZgHBVEkZz-JXgp0-0q0drqcvntfGjsTvSvyG_8eAxm5GCoHVzKn6PjHe98Z02VAqXSsp5haUhb69Oqduae7p-NgD62HPDVbdPhLiLShnVSrGz56-3i2ZHFk_v2j82AfR7dh-BunYC1ew_IyUEBeBe79WMk9JMC5Cy64TgKJj8YE96Q
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Mar 2021 12:26:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/
43 B
245 B
Image
General
Full URL
http://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.122&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=3&tvcfg=lee&f_privb=0&tid=ee66dbf9-7397-4f96-a083-a8f7504e12dc&pid=9846bcff-7575-4885-be01-db9828f1bea5&dtm=1617193600244&qnm=_matherq&visible=1&tabid=164cc1cc-ebf2-4b5a-bafa-494ad34e4237&url=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&vp=1600x1200&ds=1600x2968&tofa=1617193600&vid=1&lvidt=1617193600&duid=5906e32b0ce95e65&fp=1072425006&cid=ma1527&mrk=725149320&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxNzE5MzU4Nzk4NiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxOS4zbWIiLCJoZWFwVCI6IjI0LjVtYiIsImZzdFBhaW50IjoiMTYzMiIsImZldGNoUyI6IjM2OSIsImRvbWFpblMiOiIzNzAiLCJkb21haW5FIjoiMzcxIiwiY29ublMiOiIzNzEiLCJjb25uRSI6IjM4OCIsInJlcXVTIjoiMzg4IiwicmVzcFMiOiI2MTMiLCJyZXNwRSI6IjcxOCIsImRvbUxvYWQiOiI2MTUiLCJkb21JbnRlciI6IjE2OTAiLCJkb21Mb2FkUyI6IjE2OTYiLCJkb21Mb2FkRSI6IjE3MDkiLCJkb21DbXBsdCI6Ijk0NTciLCJsb2FkUyI6Ijk0NTciLCJsb2FkRSI6Ijk0NjQifX0
Protocol
HTTP/1.1
Server
54.166.210.103 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-210-103.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 12:26:40 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
prebid
ib.adnxs.com/ut/v3/ Frame 45DE
19 B
714 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:47 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.88:80
AN-X-Request-Uuid
fa7ac33b-6f59-4feb-a2a7-4618dd2ed605
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.poststar.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 45DE
19 B
714 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:47 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.90:80
AN-X-Request-Uuid
d7fe5ea9-58af-4396-8836-72e1cd4896bf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.poststar.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 45DE
19 B
714 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 31 Mar 2021 12:26:47 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.23:80
AN-X-Request-Uuid
73bb201f-650c-410a-9354-8cf18f89a37e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.poststar.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
exchange
ssc.33across.com/api/
88 B
656 B
XHR
General
Full URL
https://ssc.33across.com/api/exchange
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.78.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-78-134.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
ccde1088d410b25ef5c948a4d4ced5424cfcec184a156d8c202d9bef0f73fe53

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 31 Mar 2021 12:26:47 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.poststar.com
access-control-allow-credentials
true
integrator.js
adservice.google.ch/adsid/ Frame 56BC
107 B
165 B
Script
General
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=www.poststar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 56BC
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.poststar.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Mar 2021 12:26:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 56BC
453 B
779 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3956463812228235&correlator=4401790374249004&output=ldjh&impl=fif&eid=31060311%2C31060473%2C31060550%2C31060297%2C31060367%2C44739387&vrg=2021032202&ptt=17&sc=0&sfv=1-0-38&ecs=20210331&iu_parts=32867010%2CA_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=16&rcs=1&prev_scp=rsh_sz%3D728x90%26c%3D10%26r%3D110%26d%3Dlee728.net%26g%3Da9JORiXIKr5BlZrkHcnnVW%26gd%3Da9JORiXIKr5BlZrkHcnnVW%253Adesktop%26cc%3D0%26pf%3D50%26gm%3D54%26gf%3D42%26ag1%3D14%26ag2%3D15%26ag3%3D66%26ivt%3D24%26iva%3D82%26ivb%3D71%26ivc%3D63%26ivd%3D25%26ive%3D4%26ivp%3D95%26osr%3D97%26pre%3Dapnx%253Ae102%2Cttx%253A0%26pre_sz%3Dapnx%253A0x0%2Cttx%253A0x0%26tier%3Dapnx%253A0%2Cttx%253A0%26hb%3D0%26rsh%3D1&eri=1&cookie_enabled=1&cdm=www.poststar.com&bc=23&abxe=1&lmt=1617193607&dt=1617193607267&dlt=1617193591100&idt=113&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=1598&adys=62&adks=657788913&ucis=yc3z7hnw5gih&ifi=2&ifk=410702474&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&ref=http%3A%2F%2Fwww.poststar.com%2F&top=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&vis=1&scr_x=0&scr_y=0&psz=284x134&msz=284x90&ga_vid=194228186.1617193589&ga_sid=1617193592&ga_hid=394115153&ga_fc=false&fws=256&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032202.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
7afd79c401b7a0c9e3977b0ad6f4c51350b94b31f52ce615ae1543699b52c385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.poststar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 12:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
238
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.poststar.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| _cc6894 object| LOTCC function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| SelectorQueries object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| lee_getSubServ boolean| lee_srvlist object| lee_isal object| googletag object| APS_dfp_ads object| apstag object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| TNStats_Tracker object| TNTracker function| jsonFeed function| addUspapiFrame function| optOutMsgHandler function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| otStubData object| __otccpaooLocation object| gaplugins object| _402 function| _402_Show object| googleToken object| googleIMState function| processGoogleTokenSync boolean| apstagLOADED object| ggeac object| google_js_reporting_queue object| webmonitoring object| paidtasksshim object| Optanon object| OneTrust object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing undefined| falcon_sub_name undefined| lee_clus undefined| lee_ulli undefined| lee_ulld_iso8601 undefined| lee_glus undefined| lee_glusIE undefined| sub_last_login_iso8601 function| messagingCallback function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| firebase object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome boolean| $sNavScroll function| postscribe object| google_tag_manager_external object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| _snowplow_trackers object| GlobalSnowplowNamespace function| snowplow function| fbq function| _fbq object| _comscore function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| Snowplow object| $FR_LAB function| udm_ object| ns_p object| COMSCORE object| _33Across object| _mather object| _matherq object| tid object| google_optimize function| $TM_VR function| $TM_CC object| $TB function| nrlskOnEvent object| _tynt_jp number| uc number| _tynt_gpt_iframe_id object| GoogleGcLKhOms object| google_image_requests

60 Cookies

Domain/Path Name / Value
.adform.net/ Name: uid
Value: 6084857982209174542
.adform.net/ Name: C
Value: 1
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwU7IyNDO0MDEwNrQ00FEyNTAwRBUxMUblGxqh8Q2MUFTUAgDUyhDo
.lijit.com/ Name: ljt_reader
Value: e7e84a57a9c0f08dda39c58c
.openx.net/ Name: pd
Value: v2|1617193590|gen0vNiygu
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-hM93qoSedqifnSWrgcpsptaZJPufySeu0Jo2iwRn&KRTB&19420-hM93qoSedqifnSWrgcpsptaZJPufySeu0Jo2iwRn&KRTB&22979-hM93qoSedqifnSWrgcpsptaZJPufySeu0Jo2iwRn
eus.rubiconproject.com/ Name: pux
Value: 1512%3D98581%262249%3D98581%262974%3D98581%263778%3D98581%26idl%3D98581%26goog%3D98581%26brx%3D98581%262249-DV360-Hosted%3D98581%26
.rubiconproject.com/ Name: khaos
Value: KMXFB4ZN-B-ET4L
.pubmatic.com/ Name: SPugT
Value: 1617193595
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-0e39abfa-45d9-439a-83e7-0ee23208d7ed-60646a7a-4348
.lijit.com/ Name: _ljtrtb_12
Value: 8302113262692078232
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6084857982209174542&KRTB&23263-6084857982209174542
.rubiconproject.com/ Name: audit
Value: 1|qWEcyvg+1N9w3uj5fQ8+xyPUBxLBEwa11iARenn9ku5zGKu6Ep0WnpLAKiRmQvxLlTc9256law4iZ07GJqnMnvHQS5HvNV2/1+hjbac674zq3Zp0xi8F8EVJjZmtbhDc
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEADnTo2SWrhJ8NeN_NromsY&KRTB&22987-CAESEADnTo2SWrhJ8NeN_NromsY&KRTB&23025-CAESEADnTo2SWrhJ8NeN_NromsY
.pubmatic.com/ Name: KRTBCOOKIE_1074
Value: 22956-e_7f648add-bea0-4ac3-914d-6f6ab5c675a9
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:85596064-6a76-4300-89d6-8d9fa9d29021&KRTB&16736-uid:85596064-6a76-4300-89d6-8d9fa9d29021&KRTB&23019-uid:85596064-6a76-4300-89d6-8d9fa9d29021&KRTB&23114-uid:85596064-6a76-4300-89d6-8d9fa9d29021
.gumgum.com/ Name: vst
Value: e_7f648add-bea0-4ac3-914d-6f6ab5c675a9
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-08ecce6a-86b7-43c9-98a7-eb020357e223&KRTB&22918-08ecce6a-86b7-43c9-98a7-eb020357e223&KRTB&23031-08ecce6a-86b7-43c9-98a7-eb020357e223
.lijit.com/ Name: _ljtrtb_5001
Value: b7c336b6956950f94192a944cf16fbd7
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-6945793597534369939
.lijit.com/ Name: ljtrtb
Value: eJyrVjI0UrJSsjA2MDI0NDYyMzKzNDIwtzAyNlLSUTIxBkpllqfnVuSXRHlZBAeG54V4ZKUbWFaW5KSmRKUGuuQlORsbGnhWhWeYKNUCANtoFUM%3D
.pubmatic.com/ Name: pi
Value: 2:4
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3532233991374577907
.poststar.com/ Name: _ga_G2BL49024K
Value: GS1.1.1617193589.1.0.1617193589.60
.amazon-adsystem.com/ Name: ad-id
Value: A2WVdU4BX0vDkokIBxWrRx0
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-ebd18937-0baa-4edb-bdfb-6a058c5c304f
.lijit.com/ Name: _ljtrtb_86
Value: 99EYpyI0tSEqWc1j5Ew4
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YGRqdgAAAGgtaToG&KRTB&23194-YGRqdgAAAGgtaToG&KRTB&23209-YGRqdgAAAGgtaToG&KRTB&23244-YGRqdgAAAGgtaToG
.pubmatic.com/ Name: SyncRTB3
Value: 1619740800%3A203%7C1618444800%3A35%7C1617753600%3A2_67_223_15%7C1618012800%3A63%7C1618358400%3A13_8_204_22_165_161_56_71_166_88_176_21_81_55_7_3_54_220_189
.doubleclick.net/ Name: IDE
Value: AHWqTUldSfWO9lcYxJTchBI64rG0MLs2K19_FfGrqzIDbd_w3RomYSYxDKyN4heZK6Q
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-1qUcCCHUZ5VAPg6eIaXGWkDK&KRTB&23212-1qUcCCHUZ5VAPg6eIaXGWkDK
.poststar.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Wed+Mar+31+2021+14%3A26%3A29+GMT%2B0200+(Central+European+Summer+Time)&version=6.6.0&hosts=&landingPath=http%3A%2F%2Fwww.poststar.com%2Fapp%2Fmarketplace%2Fhomes%2Fopen_houses%2F&groups=C0002%3A1%2CC0001%3A1
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tribalfusion.com/ Name: ANON_ID
Value: a4nseFSZdIiiSTnMSYlklOVedF9Xf0oQC6RV9nvqtXuyaUA2bYbsZak1Q4ZaHyndVIrZciAvaGRlvw423nAZbEcZdP
www.poststar.com/ Name: tms_wsip
Value: 1
.openx.net/ Name: i
Value: 8c6305cf-037b-0815-1978-65277892d36b|1617193590
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6230805304824807909
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 922F6019-CFB5-42B7-B6F9-4C3869EA172E
www.poststar.com/ Name: tms_SessionID
Value: TQUZQFB4IA
.poststar.com/ Name: _ga_NFTGWT90ER
Value: GS1.1.1617193589.1.0.1617193589.0
.poststar.com/ Name: _ml_id
Value: 6b0b55b6c8b399e1.1617193590.1.1617193590.1617193590
www.poststar.com/ Name: tms_VisitorID
Value: 1gv56fb4g7
.pubmatic.com/ Name: DPSync3
Value: 1618358400%3A226_219_197_221_201_227%7C1617235200%3A174
.poststar.com/ Name: _fbp
Value: fb.1.1617193590288.591751299
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8302113262692078232
.poststar.com/ Name: _ga
Value: GA1.1.194228186.1617193589
www.poststar.com/ Name: TNNoMobile
Value: 1
www.poststar.com/ Name: usprivacy
Value: 1YNN
.poststar.com/ Name: _dc_gtm_UA-54716522-2
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAC4sU7AyNUAACfqTOupZg
.poststar.com/ Name: _gid
Value: GA1.2.600286437.1617193589
.poststar.com/ Name: _dc_gtm_UA-54716522-7
Value: 1
.lijit.com/ Name: _ljtrtb_43
Value: iwgmxotZJ8SQWnTHjg09ytledZeQDnbC310IzWh4
.poststar.com/ Name: __gads
Value: ID=3e3b17b966668bbc:T=1617193589:S=ALNI_MZZ7ZHoKMBfymUZM7z37_IDajH8Aw
.poststar.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.pubmatic.com/ Name: PugT
Value: 1617193594
.poststar.com/ Name: _ml_ses
Value: *

10 Console Messages

Source Level URL
Text
console-api log URL: https://bloximages.chicago2.vip.townnews.com/poststar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.1477faac295a3745e4796d2263e75f11.js(Line 1)
Message:
Google Survey: script loaded
console-api info URL: https://acdn.adnxs.com/ast/ast.js(Line 1)
Message:
AST library loaded: 0.36.0
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi
console-api log URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js(Line 96)
Message:
received a request for uspapi

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5061f0b7eeb00b407e24883bf29dd77b.safeframe.googlesyndication.com
a.leetemplates.com
a.tribalfusion.com
a896125dab8f29e86e288da46edd18c4.safeframe.googlesyndication.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
adservice.google.de
am.freshrelevance.com
ampcid.google.com
ampcid.google.de
ams.creativecdn.com
analytics.google.com
ap.lijit.com
aud.pubmatic.com
b.scorecardresearch.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bloximages.chicago2.vip.townnews.com
c.amazon-adsystem.com
c1.adform.net
cdn-sic.33across.com
cdn.cookielaw.org
cdn.tynt.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
d5p.de17a.com
d81mfvml8p5ml.cloudfront.net
de.tynt.com
dis.criteo.com
dkpklk99llpj0.cloudfront.net
dn1i8v75r669j.cloudfront.net
dsp.adfarm1.adition.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
event.clientgear.com
geolocation.onetrust.com
green.erne.co
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js.matheranalytics.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
ml314.com
mwzeom.zeotap.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
poststar.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.tribalfusion.com
sb.scorecardresearch.com
sc.tynt.com
secure.adnxs.com
securepubads.g.doubleclick.net
sic.33across.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc.33across.com
stats.g.doubleclick.net
storage.googleapis.com
survey.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
www.classifiedconcepts.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
www.openhouses.poststar.com
www.poststar.com
x.bidswitch.net
x.skimresources.com
104.16.39.14
104.16.88.26
104.18.130.43
107.178.250.234
108.129.45.237
124.146.215.48
13.226.158.204
13.226.159.22
142.250.185.98
142.250.186.98
151.101.14.49
159.253.128.183
169.197.150.7
173.231.180.197
178.250.2.151
178.62.202.251
18.195.155.181
18.198.69.109
184.25.115.49
184.30.24.22
185.184.8.30
185.29.135.227
185.64.189.110
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.64.190.81
185.86.137.131
185.86.138.120
188.165.4.142
192.104.182.109
193.0.160.129
193.122.128.135
198.148.27.140
2.16.186.51
2.18.232.130
2.18.233.180
2001:678:cb4:bbbb::11
208.100.17.182
208.100.17.184
213.155.156.184
213.19.147.151
216.52.2.39
23.37.42.132
2600:9000:20eb:3a00:2:36a1:2f40:21
2600:9000:20eb:5200:e:98bf:5f00:21
2600:9000:21f3:c600:7:5031:dc0:21
2606:4700:10::6814:b844
2606:4700:10::6816:1957
2606:4700::6810:125e
2606:4700::6810:9540
2606:4700::6812:c05
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2010
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2011
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2008
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c04::9b
2a00:1450:400d:809::2001
2a02:fa8:8806:12::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.120.52.49
3.121.49.210
3.126.56.137
3.225.15.51
34.102.205.239
34.200.78.134
34.253.109.165
34.253.11.193
34.98.107.212
35.156.19.236
35.201.96.126
35.244.159.8
35.244.174.68
35.244.255.22
37.157.4.25
37.252.172.249
37.252.173.27
47.252.78.131
51.210.112.236
52.202.125.251
52.29.225.117
52.30.36.221
52.48.137.92
52.49.20.76
52.95.124.170
54.166.210.103
54.171.41.106
64.202.112.127
64.202.112.95
66.155.59.43
66.155.71.25
67.202.110.21
69.173.144.138
69.173.144.139
72.251.249.9
77.243.60.138
85.114.159.93
006013c9aa1a1e59af8101222585272cf6d3385cc4e241aa28455bf2fa97db3b
0230e8c67f568c29bfa2d9756f6e9f79ca6a375d99cbeb54bf09c35fb9e525c4
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0683cd99aba155b159a55dbbaa2b4d8adb1f45aadc6034fa671212911c4877cc
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0785141e6461918363176bb595c118997a66d51af8338db5999308cd593cfebd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19ee3ded1fe83e848e9b5cb0831689460e07c7d3d867fc692c84dc1106086293
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1ffb3eb67476de4a642893eefb2ffd33e62c7474808fc21438d5a961cd4982f6
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c4c258f6e24e9861dd7cc3ae5d823e0c09a243f9e671cabbfed9b2be2825085
2c77519cfdb3f918d4e3b9f39bd2f296779e6269476bfe2be98d3eaa6cc8b183
2c9f462b9ddb54a7a6e44095009d3c0868cf1c131adfa4c5b2fa5a04b20820da
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e409af4e2cd960258ebce74a7af470632e2fa44a18cbc2e49da7f098a3c572c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
32a7ced3ccdc6b7327926b3cdd3b989e1c6faa327b2c2e850043d52945062d57
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
379d1d87028bd1acb01dfd7fdc80414ae86e940697a0f69af0c631853d46e0b4
3991138664f8a2717cd6fd5d4394c3cdeff54b01e001b9c128d67511e8a1900b
3a5e8dc4517fdeb8237ce0b121a68f0352ef1684d1f012c616d776931afecc22
3c9a2d086d47148ae23b40fb16fa13a5bd578e40aa7ee5acabd1ad9d3c958ecf
3dab02509ffe0c88da5bcd61b7924352fdc54932efb608c8fdb2e588edc4f88b
3e3300944d5be3cffc3e0d5ed64b97e662c37985e21857d3e7825761c69926d4
3e5a1ff76c0dbf1d3095189ac9548a524542b45aed9d2c101155286da07ff595
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
414548cf117637b2591a53f74059f66829f55dce7c1b1ddd2dc29099e48723a8
4386eff36cb49fb14e9148d1d72718ad3028731b44051e703cf284a83f017082
4509d0b710d7f4b653d9c39a254a1388d4d299423430c7af0c5de79f11907d79
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c
4ce7c72c64a4a380ecdbe7925f26f4df5e703444e35ed16ab4d77243586a691c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
4f1affc8310c17ca43db22c764e0d9ff6fea319383900a6f66522e29974e97f3
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
52c215255228b3ab165f8c432e76b4d356aaa06b671f2f2a990482b44102bb4b
54ab33bf7927f92752e316b76a8976c658f90cb87860bcc209846562f2e133fa
55a377384671921bafe7c234c76ad5c0f9967182cccde8f82255a2f386be78f7
55c58a81ad956f2675d0ff48fd771d80e452878036ad5b2c5a37f18bc731f8cd
560357e94ad4e3f3e2199cdecaaf8d339f35d97ec03de8b875eef2bbd80b43fb
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036
5ebd9209860acdfd433d38c87b6d910faef22391237f009b9be42a6d5121fc29
5ec179a70c6612cc15f73b464687aca640c5ebde31ef010b3b6061ebb235f6c6
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb4ce8dea8b26080f3627d5b398b131b8f59a280ec18f07e959b9c7583e061a
6e6c02cecdf5cb7b5db7cbf455c81c05828f2f801dd585ffdfa9d4cc90e9be1a
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
783355ba48d24f37c27cafa383cef88a462f95b7fc65d4fdaf57a0bcca7f371c
7a0eaf21fe4084cc7105e771f57731abe41a4d647a4879dea141885fcc3096b2
7a70fb6fbf76e1ed79a829d054838b6a035f0b01cd9c9ab043e10e1155fde2dc
7afd79c401b7a0c9e3977b0ad6f4c51350b94b31f52ce615ae1543699b52c385
7bc5cdc982210fa5f543ec21cb32c7246c3226cc4d48a525248df920af7eb107
7d6bc5ccc0d04e6ccfbecd2bd5775b3604995e5196b4e08c179d0885e7e94925
80e717f7f97b69547f30e8fb2adb1abdb3fdcd94b907472cc26e4d491f005825
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8416f8febc369c76d3fc82e78d0c49c84bf1dd1904b73cee557fccdbbb5b9005
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e28d98d00ac01cadd6d849a4e2bd093379a36618ca5978e211cf99fbdb62f6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f11f2d65d3a1594a57625e5a9457a1beb87c6a0399172cab062d50263ae388b
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
94afb4609cd5d95128057b67ee0ef36f867bacc074b6e116d874ed8b0852b73f
965f803d8ad03055488898d24956009dc1a5ebbd1f75ff811e3a28df095e68d5
96bbf4f9521f17f3be8143f5c7b7918869757bdae7eee27f6d5bd83809cd4f32
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d9f421bee4d971fdd9be0f659cd833a81a6cf67851af191f73e17a4c18a01f9
9e3b9ecf3258afd899081e6cf645e09ae51a031aeac11a0d0f59ea3b5ff8595b
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5986af015b65afced1df1e2b5920c55790f2da55a963154befd162a13f981cf
a5f288838a9ad31e006954f556180652f85c00f6df72143326d785e568548307
a9a07ca0edd727abba42d42faf316441cd1571f7acc5e8ba3e61b40060a96a9d
a9c59945c470e1fabdd79c4f07d0d22527869fb4eca62b78ad95b30e19ac9626
aaeac710ad8f357ac539c9a355875d0d50e2d3b93105a7ce901437903b25b04e
ab9e5d421e07bea11148e6a418c248ada64a3b6de0794f5138c3549639c31d60
ae782b53efa1b7d46d0e4563053479064f75accccc10bf1df20955a79b5686fb
af5b302476d70d5a88a1e754caae011855e9fd3b6d67bfd633b58a4645d66cc3
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b31c085418d26c65e2230c4b6856c1a15f5ec0f6a09cfd85f98cddfa50420030
b3a8551f39a914eb638113f77ba53d3477697583b5fe99131341bef0f3bc8546
b5f530893dfec0ab589764a1d76308089700121de76d6f6b913e326ec3d69dfb
b7d28c5ab059f7caafae403f7f142daa54ecb150793657b912348046ae66745b
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c79456b94ef17205d2e7ce09158c3c97e909feb47209e69b0590d7951759849c
c7c4e85fab99165f7d8a912f21ae8d691b6a96049780d96e174e6394e09384ca
c7dd7408ff486893c0fea5d756d60e7e9fa7545104c704d9020015304afc8f48
c91c2dc5a6de1fa512b4bbd5783ea899fcd33b2f25bdf1d40a0528a51788d697
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccde1088d410b25ef5c948a4d4ced5424cfcec184a156d8c202d9bef0f73fe53
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d09bf7038c6fbe117545fa9d1c36537b53fcafa5a211f8cb85b7e5a81b39d0fe
d0d32fe5b30e866839decf84b118342f4be10b6c25ca1858f6aba25037b0734c
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
da46bc766028c67f94e34c39ecf0c36513fd5ffffe1e126ce09908ebcd671eb6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddb9f0a8cead4ff30e9d6f6c76bbe6056a71ddeb6a35dabf82240ec16d14f934
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ea86e999affe12f16c132bf61905bcf959a0dfe0cdfdf09d1d2931a778f7b6
e4c9f79c63e59fa4998656fa056fdbc913748d2a17eb1b5f0429c02e900118eb
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e8f6e4939961ce44c91c4fa7a1d0f77b69b9d8084859e9d054ec770da6778cdb
e97762133761453261a9e8bba0896406160f8b2068ca3b5d16ca8af4d2f2231d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f007b640ae762dcc0427f0799a7e2d681b3904354ce5c72ec789bd3998b07016
f402b2d75ac54e1c369d34b97efcedb68aa084b039ab91b85ad70ea53ebb5a3a
f560ef51d47e36158a7122135ebb881eda3ea0fc010728c0451a61efa6c2d51a
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f93443fc903018908a6fc84cb05ea8a17542b10c47ed4bed35019ffdfec1621f
f95fe1c0376aa720a01267e70fb42a259d610fa9fa66f78e7fc629f9bd835c43
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
fb292adfbeea105ed080b816b23bf0e647e6461644f8f000de511886ae81ee74
fc8cbf5a35532137fd68de77a639b965065c14026147fd1be69b47e124726ab6
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f
ffa8814637fab7a454e06a6403a650615c04044d4f881b04ffdfcdc1395d98da