www4.pictures.gi.zimbio.com Open in urlscan Pro
151.101.66.217 Public Scan

URL: https://www.zimbio.com/TV
Title: TV

URL: https://www.zimbio.com/specials/TV
Title: WHAT TO WATCH

URL: https://www.zimbio.com/specials/Streaming
Title: NETFLIX & HULU

URL: https://www.zimbio.com/Movies
Title: MOVIES

URL: https://www.zimbio.com/specials/Movies
Title: MOVIE NEWS 2021

URL: https://www.zimbio.com/specials/Pop+Culture
Title: POP CULTURE

URL: https://www.zimbio.com/Celebrity+News
Title: CELEBRITY NEWS

URL: https://www.zimbio.com/quiz
Title: QUIZZES

URL: https://www.zimbio.com/trivia
Title: TRIVIA GAMES

URL: https://www.zimbio.com/photos
Title: PHOTOS

URL: https://facebook.com/Zimbio

URL: https://pinterest.com/zimbio

URL: https://instagram.com/zimbio

URL: https://www.zimbio.com/The+Best+Performances+In+Movies+Nobody+Talks+About
Title: The Best Performances In Movies Nobody Talks About

URL: https://www.zimbio.com/Everything+You+Need+To+Know+About+'The+Lord+of+the+Rings+The+Rings+of+Power'
Title: Everything You Need To Know About: 'The Lord of...

URL: https://www.zimbio.com/The+Most+Cringe-Worthy+Red+Carpet+Looks+From+2002
Title: The Most Cringe-Worthy Red Carpet Looks From 2002

URL: https://www.zimbio.com/The+Greatest+Gallery+of+Robin+Williams+Throwback+Photos
Title: The Greatest Gallery of Robin Williams Throwbac...

URL: https://www.zimbio.com/Celebrity+Look-Alike+Moms+Daughters
Title: Celebrity Look-Alike Moms & Daughters

URL: https://www.zimbio.com/specials
Title: PHOTO SPECIALS

URL: https://www.zimbio.com/Kurt+And+Wyatt+Russell+Team+Up+For+New+Monsterverse+'Godzilla'+Series

URL: https://www.zimbio.com/Everything+We+Know+About+'Indiana+Jones+5'
Title: Everything We Know About 'Indiana Jones 5'

URL: https://www.zimbio.com/The+Rock's+Mom+Has+A+'Smackdown+Room'+Shrine+Dedicated+To+Him

URL: https://www.zimbio.com/trivia/5u8F1KL9xta/Can+Match+Inspirational+Robin+Williams+Quote

URL: https://www.zimbio.com/Actors+Who've+Been+In+Both+Marvel+And+Lord+of+the+Rings%2C+Hobbit+Movies

URL: https://www.zimbio.com/Ryan+Gosling+Has+Been+Making+The+Same+Face+On+The+Red+Carpet+For+20+Years

URL: https://www.zimbio.com/'The+Office'+Cast+Then+Now

URL: https://www.zimbio.com/Official+'House+Of+The+Dragon'+Trailer+Goes+Heavy+On+The+Fire-Breathers

URL: https://www.zimbio.com/'The+Dark+Knight+Rises'+10+Years+Later+Tom+Hardy's+Bane+Voice+Still+Rings+Out

URL: https://www.zimbio.com/trivia/6b_UL8F8zJJ/Won+t+Able+Name+These+100+Disney+Characters

URL: https://www.zimbio.com/Paul+Newman+And+Joanne+Woodward's+Marriage+In+Photos

URL: https://www.zimbio.com/Heath+Ledger+Was+'Instrumental'+To+Rose+Byrne's+Career%2C+And+Other+Aussie+Actors%2C+Too

URL: https://www.zimbio.com/The+Most+Messed-Up+Animated+Movie+Moments

URL: https://www.zimbio.com/There's+'Quite+A+Bit+Missing'+Of+Emilia+Clarke's+Brain+Following+Aneurysms

URL: https://www.zimbio.com/The+'Lost'+Cast+Then+Now

URL: https://www.zimbio.com/Ben+Affleck+And+Jennifer+Lopez+Then+And+Now

URL: https://www.zimbio.com/Five+Things+To+Watch+When+You're+Done+Binging+'Stranger+Things'+Again

URL: https://twitter.com/zimbio

URL: https://www.livingly.com/
Title: LIVINGLY

URL: https://www.mabelandmoxie.com/
Title: MABEL + MOXIE

URL: https://www.lonny.com/
Title: LONNY

URL: https://www.stylebistro.com/
Title: STYLEBISTRO

URL: https://www.itsrosy.com/
Title: IT‘S ROSY

URL: https://www.livinglymedia.com/zimbio-about-us
Title: CONTACT US

URL: https://www.livinglymedia.com/advertise/
Title: ADVERTISE

URL: https://recurrent.io/wp-content/uploads/2022/07/Recurrent-Terms-Conditions-06.21.22.pdf
Title: TERMS OF SERVICE

URL: https://recurrent.io/wp-content/uploads/2022/07/Privacy-Policy-Recurrent-06.21.22.pdf
Title: PRIVACY POLICY

URL: https://www.livinglymedia.com/
Title: Livingly Media, Inc.

URL: https://recurrent.io/
Title: Recurrent Ventures, Inc.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www4.pictures.gi.zimbio.com/ HTTP 301
https://www4.pictures.gi.zimbio.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://sb.scorecardresearch.com/b?c1=2&c2=6167726&c3=&cs_it=b3&cv=3.8.0.210223&ns__t=1660548185612&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=300&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&c8=Zimbio%20-%20Entertainment%20News%2C%20Celebrity%20News%2C%20Celebrity%20Photos%20%26%20Videos&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6167726&c3=&cs_it=b3&cv=3.8.0.210223&ns__t=1660548185612&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=300&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&c8=Zimbio%20-%20Entertainment%20News%2C%20Celebrity%20News%2C%20Celebrity%20Photos%20%26%20Videos&c9=

Request Chain 141

https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=32fafeeb-4f19-475f-8c8b-4ac2c7e9e700

Request Chain 142

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3035497866634089000V10 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3035497866634089000V10 HTTP 302
https://contextual.media.net/cksync.php?type=mf&ovsid=b88a763f-29d9-4227-bc63-bc651295a12e&cs=1

Request Chain 143

https://c1.adform.net/serving/cookie/match?party=14&cid=4E523AC7-5B95-4170-AC06-670AE238C22F HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4E523AC7-5B95-4170-AC06-670AE238C22F

Request Chain 144

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yvn0WgAGjxk8egAK HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yvn0WgAGjxk8egAK&gdpr=0&gdpr_consent=&_test=Yvn0WgAGjxk8egAK

Request Chain 145

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c2da62f9-f45a-4d00-9071-fa464b6eee05&gdpr=0&gdpr_consent=

Request Chain 146

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFWFJVN0Y4LWtBQUJHTjEtS3daUQ&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEXRU7F8-kAABGN1-KwZQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEXRU7F8-kAABGN1-KwZQ&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEXRU7F8-kAABGN1-KwZQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1223438846415919957 HTTP 303
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAEXRU7F8-kAABGN1-KwZQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1223438846415919957%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 307
https://match.prod.bidr.io/cookie-sync?userid=1223438846415919957&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEXRU7F8-kAABGN1-KwZQ

Request Chain 149

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=1b4fe2be-1c6b-11ed-ad86-7a1b3cd4bdb4

Request Chain 150

https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nUmTrFXsTwhN8Tg815BiKmAJ-SQ

Request Chain 151

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1660548186384 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8869705596 HTTP 302
https://sync.1rx.io/usersync/tradedesk/743c1b44-933e-4111-9ad8-0775ef5b3ede HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005

Request Chain 152

https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=b146772a-6b25-40c4-8133-7a36f87ff6dc&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=4E523AC7-5B95-4170-AC06-670AE238C22F

Request Chain 153

https://ums.acuityplatform.com/tum?umid=6 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=686363760812

Request Chain 154

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kcweKbNm1Onurg5&gdpr=0&gdpr_consent=

Request Chain 155

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 156

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7138345861768999502&uid=Q7138345861768999502&ref=%2Fepm HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7138345861768999502

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TlI6x1uVQXCsBmcK4jjCLw%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TlI6x1uVQXCsBmcK4jjCLw%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 159

https://idsync.rlcdn.com/420486.gif?partner_uid=4E523AC7-5B95-4170-AC06-670AE238C22F HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDRFNTIzQUM3LTVCOTUtNDE3MC1BQzA2LTY3MEFFMjM4QzIyRhAAGg0I2ujnlwYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=e609682ddd0ebcfad4baee4a92aff13e1505055cc987ccef0d224a7d7b1b214d791426b5417dce21&_=2 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBlNjA5NjgyZGRkMGViY2ZhZDRiYWVlNGE5MmFmZjEzZTE1MDUwNTVjYzk4N2NjZWYwZDIyNGE3ZDdiMWIyMTRkNzkxNDI2YjU0MTdkY2UyMRAAGgwI2ujnlwYSBAgCEABCAEoA HTTP 302
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBlNjA5NjgyZGRkMGViY2ZhZDRiYWVlNGE5MmFmZjEzZTE1MDUwNTVjYzk4N2NjZWYwZDIyNGE3ZDdiMWIyMTRkNzkxNDI2YjU0MTdkY2UyMRAAGgwI2ujnlwYSBAgCEABCAEoA&google_gid=CAESEK9zVw_Z1qnX7-6xr-GeV6Y&google_cver=1 HTTP 307
https://usermatch.krxd.net/um/v2?partner=liveramp_identity

Request Chain 160

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=64a362f9-f45a-4200-ae14-20591adc6f4c

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEU1MjNBQzctNUI5NS00MTcwLUFDMDYtNjcwQUUyMzhDMjJG&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEU1MjNBQzctNUI5NS00MTcwLUFDMDYtNjcwQUUyMzhDMjJG&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFehf2jubxdlCvRcgM0b2WM&google_cver=1

Request Chain 163

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:217E2E5E244E4FE38B8FED528A1D6A1E

Request Chain 164

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2369653545561265028&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 165

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=743c1b44-933e-4111-9ad8-0775ef5b3ede

Request Chain 167

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4E523AC7-5B95-4170-AC06-670AE238C22F&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Onad7gRE2uV5_JKAXaVw5zoWkX5dfL0-~A&gdpr=0&gdpr_consent=

Request Chain 169

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=febe0555-4cde-43e9-9e1e-e1fece164480&gdpr=0&gdpr_consent=

Request Chain 170

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4E523AC7-5B95-4170-AC06-670AE238C22F&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=30755c5d64f41844&is_secure=true&networkId=17100&version=1&nuid=4E523AC7-5B95-4170-AC06-670AE238C22F&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGcTF9XcVXzQN7aUh9AAAAAAA&expiration=1660634586&nuid=4E523AC7-5B95-4170-AC06-670AE238C22F&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 171

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4399279868920492754&gdpr=0&gdpr_consent=

Request Chain 172

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=B4_jNFeJsDQc2LJuUNuoO1SKvT8cj7NvU4UJWAmQ

Request Chain 173

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=65f8d0f6-f316-42e3-b077-5daeb722f7fa-62f9f45a-5553&gdpr=0&gdpr_consent=

Request Chain 174

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=8069c585-162d-407f-bfa0-ba35b11c7aae HTTP 302
https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=8069c585-162d-407f-bfa0-ba35b11c7aae HTTP 302
https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=pubmatic&user_id=0151ccce-1edf-431c-b839-7d7a8a8f6c08 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8069c585-162d-407f-bfa0-ba35b11c7aae&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 175

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B331_F4A3D0E4_71E619ED&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
https://pmp.mxptint.net/sn.ashx?ak=1

Request Chain 176

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4214309458317605686

Request Chain 178

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=b14a62f9-f45a-4e00-bf0a-9beda717122b&gdpr=1&gdpr_consent=

Request Chain 180

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4399279868920492754

Request Chain 182

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgqBigLOJDHoOEFiYNArW0647es1ZEpRv3w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgqBigLOJDHoOEFiYNArW0647es1ZEpRv3w&google_tc=

Request Chain 184

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ghpD77esdJGpv9AewU3d6moNPrfB0n13LN-sc9PZSBg

Request Chain 186

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc= HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEF91wrhlnBY36s1vZJgwSEU&google_cver=1

Request Chain 187

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=6b210a46ea891222&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGcYxwbyQwrANWjoqmAAAAAAA&expiration=1660634586&is_secure=true

Request Chain 189

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=743c1b44-933e-4111-9ad8-0775ef5b3ede&gdpr=0&gdpr_consent=

Request Chain 192

https://id5-sync.com/i/850/8.gif?id5id=ID5*ug4sCQRPlXNZQe0giZeMURgGuXHHq183pKhw71jt3oEe43yFPFK9n3PSd3LlJcO2&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/850/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/850/2/7/2.gif?puid=4399279868920492754&gdpr=0&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO5An0NbkHjGZp0e0X-EDYNyftPnFE7hGpuKu_xw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/850/3/6/3.gif?puid=b14a62f9-f45a-4e00-bf0a-9beda717122b&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=743c1b44-933e-4111-9ad8-0775ef5b3ede&ttl=%%TTL%% HTTP 302
https://match.prod.bidr.io/cookie-sync/id5 HTTP 303
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAEXRU7F8-kAABGN1-KwZQ HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F796%2F3%2F6.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/850/796/3/6.gif?puid=febe0555-4cde-43e9-9e1e-e1fece164480&gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/850/429/2/7.gif?puid=4E523AC7-5B95-4170-AC06-670AE238C22F&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F434%2F1%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
https://id5-sync.com/c/850/434/1/8.gif?puid=f7910f0d-3c22-4322-a537-fd9e2c48f4d4&gdpr=0&gdpr_consent= HTTP 302
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F441%2F0%2F9.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/850/441/0/9.gif?puid=u_34909710-7515-442a-b8cf-529e12e8aae1&gdpr=0&gdpr_consent=

Request Chain 209

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&dcc=t

Request Chain 218

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=8069c585-162d-407f-bfa0-ba35b11c7aae

Request Chain 219

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=545dc243

Request Chain 220

https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=217E2E5E244E4FE38B8FED528A1D6A1E&ex=simpli.fi&status=ok

Request Chain 221

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID&gdpr=0 HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ= HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=4399279868920492754&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmVhbHRpbWUuY29tJmlkPSRFTVhVSUQ= HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=4399279868920492754brt56841660548186860521b4

Request Chain 223

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0 HTTP 302
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1

Request Chain 227

https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3147201397473729423&gdpr=0&gdpr_consent=

Request Chain 228

https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7989deae155a1223&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAEhpBFk-JtygNF8B6hAAAAAAA&expiration=1660634586&is_secure=true&gdpr=0

Request Chain 232

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1EaHBjWnhsRTJ1SkhLY2dIV1BJSnlaN3hPZmZRUXFhQ35B&gdpr=0&gdpr_consent=

Request Chain 233

https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 302
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1

Request Chain 234

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=399382343906235679505

Request Chain 240

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yvn0WgAGjxk8egAK

Request Chain 242

https://match.adsrvr.org/track/cmf/openx?oxid=5b06538c-b381-3ed0-4b3b-8103e2b49924&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=743c1b44-933e-4111-9ad8-0775ef5b3ede&ttd_puid=5b06538c-b381-3ed0-4b3b-8103e2b49924&gdpr=0&gdpr_consent=

Request Chain 244

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOd_5WiLV8oZ3qaPYDYP69E&google_cver=1

Request Chain 246

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=4399279868920492754

Request Chain 247

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_34909710-7515-442a-b8cf-529e12e8aae1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=53cdd606-493b-4a47-aaff-fd777b3060d5&ssp=gumgum2 HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=8069c585-162d-407f-bfa0-ba35b11c7aae

Request Chain 248

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28GxJvlekyVC0SUyWeOUfShxbTkz-AeVRVOoSCNckOMoVgBPdafGk_s8_nb16fLJYg%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28GxJvlekyVC0SUyWeOUfShxbTkz-AeVRVOoSCNckOMoVgBPdafGk_s8_nb16fLJYg%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_34909710-7515-442a-b8cf-529e12e8aae1&obuid=ENC(GxJvlekyVC0SUyWeOUfShxbTkz-AeVRVOoSCNckOMoVgBPdafGk_s8_nb16fLJYg) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DGxJvlekyVC0SUyWeOUfShxbTkz-AeVRVOoSCNckOMoVgBPdafGk_s8_nb16fLJYg HTTP 302
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=da5a95f8-4477-483a-9a6a-1e9ead2728d1&obUid=GxJvlekyVC0SUyWeOUfShxbTkz-AeVRVOoSCNckOMoVgBPdafGk_s8_nb16fLJYg

Request Chain 249

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=ac3bf7fc-9b94-0686-2c40-91ee2ae49862

Request Chain 250

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-9d4993ac-55ec-4f08-4df1-383cd790622a$ip$96.9.249.36

Request Chain 251

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-Qlb5V2pE2pcNtZX_6HraYiM.ojbDmQFvOhS2~A

Request Chain 252

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=febe0555-4cde-43e9-9e1e-e1fece164480

Request Chain 253

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
https://usersync.gumgum.com/usersync?b=snc&i=595A92C807BD4B9D8958F7C79509FE27

Request Chain 254

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
https://usersync.gumgum.com/usersync?b=dit&i=di_0f5dcccb93994be09a0a2

Request Chain 255

https://b1sync.zemanta.com/usersync/gumgum/?puid=u_34909710-7515-442a-b8cf-529e12e8aae1&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=-qCzjeY4KNk7QUar7U_9&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2LLRIN5GUZKZGRFU42ZXKFKWC4RXKVPTS&gdpr=0 HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2LLRIN5GUZKZGRFU42ZXKFKWC4RXKVPTS HTTP 302
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=-qCzjeY4KNk7QUar7U_9

Request Chain 256

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=da5a95f8-4477-483a-9a6a-1e9ead2728d1

Request Chain 257

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005&rndcb=4012877152 HTTP 302
https://r.bidswitch.net/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=8069c585-162d-407f-bfa0-ba35b11c7aae HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=8069c585-162d-407f-bfa0-ba35b11c7aae&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dadconductor%26bsw_param%3D8069c585-162d-407f-bfa0-ba35b11c7aae HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=8069c585-162d-407f-bfa0-ba35b11c7aae&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dadconductor%26bsw_param%3D8069c585-162d-407f-bfa0-ba35b11c7aae HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=bb6f26e7-c780-4c86-98d7-663bb503824b%252Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dadconductor%2526bsw_param%253D8069c585-162d-407f-bfa0-ba35b11c7aae&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&ttd_puid=bb6f26e7-c780-4c86-98d7-663bb503824b%2Chttps%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dadconductor%26bsw_param%3D8069c585-162d-407f-bfa0-ba35b11c7aae HTTP 302
https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=adconductor&bsw_param=8069c585-162d-407f-bfa0-ba35b11c7aae HTTP 302
https://sync.1rx.io/usersync/bidswitch/8069c585-162d-407f-bfa0-ba35b11c7aae?gdpr=&gdpr_consent= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005

Request Chain 258

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=oKcfcqjcKA90&ev=1&pid=558355

Request Chain 259

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=4621261498042866653

Request Chain 261

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=b14a62f9-f45a-4e00-bf0a-9beda717122b&gdpr=0&gdpr_consent=

Request Chain 262

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=atm&i=Yvn0WgAGjxk8egAK&gdpr=0&gdpr_consent=

Request Chain 265

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=ttd&i=743c1b44-933e-4111-9ad8-0775ef5b3ede

Request Chain 266

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=emx&i=$UIDbrt56841660548186860521b4 HTTP 302
https://usersync.gumgum.com/usersync?b=emx&i=4399279868920492754brt56841660548186860521b4

Request Chain 267

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=Yvn0W8Co5sEAAOjY6VcAAAAA

Request Chain 268

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=9x9bLknQ2UfEQrEtmyeH&pi=gumgum&tc=1

Request Chain 269

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 271

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=10&3pid=968625781017952823

Request Chain 272

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=87&3pid=b88a763f-29d9-4227-bc63-bc651295a12e

Request Chain 273

https://um.simpli.fi/lj_match?r=1660548186874&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=217E2E5E244E4FE38B8FED528A1D6A1E

Request Chain 274

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RkpoYmNQWkg0NHVQUGRxd1RsMjlIRkxk&gdpr=0

Request Chain 275

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=2W3dzYlrjs3COoyXjjmWwopog8bCbY2WjWd5hi-Y

Request Chain 280

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&gdpr=0&gdpr_consent=

Request Chain 281

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
https://b1sync.zemanta.com/usersync/sharethrough/ HTTP 302
https://stags.bluekai.com/site/23178?id=-qCzjeY4KNk7QUar7U_9&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTEYJTGRRGCNJUEZZW65LSMNSV65LTMVZF62LEHUWXCQ32NJSVSNCLJZVTOUKVMFZDOVK7HE HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTEYJTGRRGCNJUEZZW65LSMNSV65LTMVZF62LEHUWXCQ32NJSVSNCLJZVTOUKVMFZDOVK7HE HTTP 302
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=-qCzjeY4KNk7QUar7U_9

Request Chain 282

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&gdpr=0&gdpr_consent=

Request Chain 283

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&gdpr=0&gdpr_consent=

Request Chain 284

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
https://sync.bfmio.com/sync?pid=106&uid=743c1b44-933e-4111-9ad8-0775ef5b3ede

Request Chain 285

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=217E2E5E244E4FE38B8FED528A1D6A1E

Request Chain 286

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=2953 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=2953&s_h=1 HTTP 302
https://sync.bfmio.com/sync?pid=102&uid=270db8e1-9279-4efe-829e-0985c7c4a911

Request Chain 287

https://ad.mrtnsvr.com/sync/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=187&uid=nyniy5HaM

Request Chain 288

https://sync.1rx.io/usersync2/beachfront HTTP 302
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005&rndcb=5929957766 HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=8069c585-162d-407f-bfa0-ba35b11c7aae&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=7dc5fab1-7e20-430f-a375-9317bba0deee&expires=1&user_group=5&ssp=adconductor&bsw_param=8069c585-162d-407f-bfa0-ba35b11c7aae HTTP 302
https://sync.1rx.io/usersync/bidswitch/8069c585-162d-407f-bfa0-ba35b11c7aae?gdpr=&gdpr_consent= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005?redir=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D179%26uid%3DRX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005 HTTP 302
https://sync.bfmio.com/sync?pid=179&uid=RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005

Request Chain 289

https://match.prod.bidr.io/cookie-sync/bch HTTP 303
https://sync.bfmio.com/sync?pid=168&uid=AAEXRU7F8-kAABGN1-KwZQ

Request Chain 290

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yvn0WkgbCe6CMOaiNj2AXwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM1Zp1SpFHT0TbJ9mx0v0vc&google_cver=1

Request Chain 291

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&expiration=1663140187&gdpr=0&gdpr_consent=

Request Chain 292

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yvn0WkgbCe6CMOaiNj2AXwAAAigAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM17LXR4aCYo4SjQm-3OUgk&google_cver=1

Request Chain 294

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=08042204079eaa2d59b5fbfa&expiration=[EXPIRATION]

Request Chain 296

https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=bebcb8da1e544f67b60dbfdab4449e11&expiration=1663140187

Request Chain 297

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4399279868920492754

Request Chain 299

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=8069c585-162d-407f-bfa0-ba35b11c7aae&google_hm=ODA2OWM1ODUtMTYyZC00MDdmLWJmYTAtYmEzNWIxMWM3YWFl HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPpFR-bUdETm9xxh9J5Ny1E&google_cver=1&ssp=sonobi&bsw_param=8069c585-162d-407f-bfa0-ba35b11c7aae HTTP 302
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=8069c585-162d-407f-bfa0-ba35b11c7aae

Request Chain 300

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=b14a62f9-f45a-4e00-bf0a-9beda717122b

Request Chain 301

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent= HTTP 302
https://sync.go.sonobi.com/us.gif?nw=td&nuid=743c1b44-933e-4111-9ad8-0775ef5b3ede&pubid=91e92b73fd

Request Chain 302

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Zjc5MTBmMGQtM2MyMi00MzIyLWE1MzctZmQ5ZTJjNDhmNGQ0 HTTP 302
https://sync.go.sonobi.com/usg.gif?google_gid=CAESENRfy9HQfuB6-QdME48TbWc&google_cver=1

Request Chain 341

https://pm.geniusmonkey.com/i/gm.png?id=226597978&ord=3254002507 HTTP 302
https://pm.geniusmonkey.com/r/gm-08A48GG39.png

Request Chain 357

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 360

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-fD1U0HqVsCWoFNb7kffb3FjDWbreIeN4iiEoBw&google_cm&google_hm=ay1mRDFVMEhxVnNDV29GTmI3a2ZmYjNGakRXYnJlSWVONGlpRW9Cdw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-fD1U0HqVsCWoFNb7kffb3FjDWbreIeN4iiEoBw&google_gid=CAESEOBO0qyiaGdbk5HmeZ3giWk&google_cver=1&google_ula=913071,0

Request Chain 394

https://ad.doubleclick.net/ddm/trackimpj/N3065.154378CRITEO/B20664000.321383255;dc_trk_aid=514017289;dc_trk_cid=162390786;ord=78413959;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N3065.154378CRITEO/B20664000.321383255;dc_pre=CMWWrYeoyPkCFQ-0nwodb7cC7w;dc_trk_aid=514017289;dc_trk_cid=162390786;ord=78413959;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=

428 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www4.pictures.gi.zimbio.com/
Redirect Chain

http://www4.pictures.gi.zimbio.com/
https://www4.pictures.gi.zimbio.com/

81 KB
24 KB

132ms
84ms

Document
text/html

151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

5e51f4962d2e139b78ef51f91f6b11b4d1b4e8a43abec33ea564aae0c8e80353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 153
cache-control: max-age=900
content-encoding: gzip
content-length: 24685
content-type: text/html; charset=utf-8
date: Mon, 15 Aug 2022 07:23:04 GMT
expires: Mon, 15 Aug 2022 07:35:31 GMT
last-modified: Mon, 15 Aug 2022 07:14:51 GMT
server: nginx/1.4.6 (Ubuntu)
strict-transport-security: max-age=31557600
vary: Cookie, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-content-length: 83049
x-response-time: 61780
x-served-by: cache-bfi-krnt7300118-BFI, cache-ewr18128-EWR
x-timer: S1660548185.519948,VS0,VE62

Redirect headers

Accept-Ranges: bytes
Connection: close
Content-Length: 0
Date: Mon, 15 Aug 2022 07:23:04 GMT
Location: https://www4.pictures.gi.zimbio.com/
Retry-After: 0
Server: Varnish
Strict-Transport-Security: max-age=31557600
Via: 1.1 varnish
X-Cache: HIT
X-Cache-Hits: 0
X-Response-Time: 93
X-Served-By: cache-ewr18150-EWR
X-Timer: S1660548184.449648,VS0,VE0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
29 KB 87ms
36ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c64d0d17ae3a9911532c49b31a1deb6fb3963bd85dddc88114a88b5251059e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28765
x-xss-protection: 0
server: sffe
etag: "1304 / 184 of 1000 / last-modified: 1660341915"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 15 Aug 2022 07:23:04 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 159 KB
41 KB 98ms
24ms Script
application/javascript 143.204.150.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-150-76.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15db152f386fbb66b5610a32b7b5d8662aeab674ce38a2c446cd73d2a250a92f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 15 Aug 2022 06:51:58 GMT
via: 1.1 b471d3775e81a9be536b52b99f39452a.cloudfront.net (CloudFront), 1.1 0d3bc0372b2119705524079214a98b3e.cloudfront.net (CloudFront)
last-modified: Thu, 11 Aug 2022 19:28:16 GMT
server: AmazonS3
age: 1867
etag: W/"364e5d6f95bbab2e2e1b3226cf815641"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: IAD89-C3, EWR52-C2
content-encoding: gzip
x-amz-cf-id: DTUmH6TO_4tvdbmjKrY5jdM5wiiyGyhhhE_mHrnfXnxXXqjU87Lvwg==

GET
H2 200 blacklist_script.js Show response
tagan.adlightning.com/livingly-v3/ 30 KB
13 KB 74ms
26ms Script
application/javascript 54.230.163.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/livingly-v3/blacklist_script.js
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-92.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b697e9f38cb035d07a1e72cdd80005af8fb0f205e96f2c6304d169a74f4ef7f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 06:29:36 GMT
content-encoding: gzip
age: 3209
x-cache: Hit from cloudfront
content-length: 13069
x-amz-meta-git_commit: fffd939
last-modified: Sun, 14 Aug 2022 22:12:07 GMT
server: AmazonS3
etag: "cf8c5f76a9a2d0c16a217a523c395867"
x-amz-version-id: _BhoYw9nrCrrPdlKSfnV72rZNA4J4mMC
via: 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 8Vr1mQ2PIv9X1OM91wRd43WkpNsxo5h9mf2BDL69FL3YNICu1coXAw==

GET
H2 200 blocking_script.js Show response
tagan.adlightning.com/livingly-v3/ 81 KB
30 KB 37ms
22ms Script
application/javascript 54.230.163.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/livingly-v3/blocking_script.js
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-92.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15c94eecb1326fe53ddf0197241b5a03d7051732458518f340c2917446912bb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 10:47:01 GMT
content-encoding: gzip
age: 74164
x-cache: Hit from cloudfront
content-length: 30633
x-amz-meta-git_commit: 01880f1
last-modified: Wed, 23 Mar 2022 19:27:46 GMT
server: AmazonS3
etag: "77e7f1f4d3ab931b5283cfd240a93db5"
x-amz-version-id: g_jn.294_9TFphkkAGTFYi.WY73y6ofW
via: 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: kgjoBY5du_j0f7Z7WKSIbqNNNNyujkWUriQagZNKd5YOCPzuJc7nXQ==

GET
H2 200 op.js Show response
tagan.adlightning.com/livingly-v3/ 48 KB
19 KB 30ms
23ms Script
application/javascript 54.230.163.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/livingly-v3/op.js
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-92.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30dba4f32f1f34a9d2f5f12eb78429b9f69127211c0847e12a64b57fd32feb9f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:02:16 GMT
content-encoding: gzip
age: 1249
x-cache: Hit from cloudfront
content-length: 19377
x-amz-meta-git_commit: 01880f1
last-modified: Sun, 14 Aug 2022 22:12:25 GMT
server: AmazonS3
etag: "37afbf1976b56ece15fefeecd4060761"
x-amz-version-id: ugwhNlLdzgVOOfXLYQiqTolh93kb7HIh
via: 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: IT35EsdsRHNQQh9wSjyjiwR02ZDcdT0IaSrT2FmYIsVQ3gkJl1_qag==

GET
H2 200 f234822c-0aae-41ce-8843-23538710f825-web.js Show response
cdn.permutive.com/ 635 KB
200 KB 105ms
46ms Script
application/javascript 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d4ebdb4059d03b363f4c71aa79d1279a67eaa3f18f144932d320174f7652174

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:04 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: f234822c-0aae-41ce-8843-23538710f825
age: 2451
x-guploader-uploadid: ADPycdthhi1lFTWmy8hIrO8-Hy3eM759xKuVZw8fHs2IJ4IGSAZuKGU6QzVdEU3UfFPrEa-9Ea7ti2hSCG-bnPqPrbi3gg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Wed, 06 Jul 2022 19:38:54 GMT
server: cloudflare
etag: W/"7a59b0a713c5349ecdeeaed31042cfe5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=x3d77w==, md5=elmwpxPFNJ7N7q7TEELP5Q==
x-goog-generation: 1657136334093156
cache-control: public, max-age=900
x-goog-stored-content-length: 209618
cf-ray: 73b02ecbb91fe6d0-EWR
expires: Mon, 15 Aug 2022 07:38:04 GMT

GET
H/1.1 200
OK prompt__cGxhdGZvcm0__.css
www.zimbio.com/loader/90.894.platform/base__platform/base_white__platform/share_bar__platform/color__platform/color_zimbio__platform/header_test__signup_prompts/ 91 KB
26 KB 81ms
22ms Stylesheet
text/css 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/loader/90.894.platform/base__platform/base_white__platform/share_bar__platform/color__platform/color_zimbio__platform/header_test__signup_prompts/prompt__cGxhdGZvcm0__.css

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

4dbfcc15f11ca7e1b334eec8434ad574f77e0080460f80527806b7dd58159ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Content-Encoding: gzip
X-Cache-Hits: 1, 1
Age: 472442
X-Cache: HIT, HIT
X-Content-Length: 93594
Connection: keep-alive
Content-Length: 25762
X-Served-By: cache-bfi-krnt7300095-BFI, cache-ewr18163-EWR
X-Response-Time: 759
Last-Modified: Tue, 09 Aug 2022 20:09:02 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.685769,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: text/css
Via: 1.1 varnish, 1.1 varnish
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 10 Nov 2022 20:09:02 GMT

GET
H/1.1 200
OK homepage_carousel__aW5kZXhob21__.css
www.zimbio.com/loader/90.894.index__homepage/homepage__homepage/recent_stories__homepage/grid_recent_stories__platform/grid_recent_stories_sponsored__sidebar/masthead__homepage/ 29 KB
9 KB 83ms
24ms Stylesheet
text/css 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/loader/90.894.index__homepage/homepage__homepage/recent_stories__homepage/grid_recent_stories__platform/grid_recent_stories_sponsored__sidebar/masthead__homepage/homepage_carousel__aW5kZXhob21__.css

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

850649a5bb07d6b5dd4f0b2b172ed20efe8e99275038b7e2d086959b1a0e0caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Content-Encoding: gzip
X-Cache-Hits: 1, 1
Age: 472415
X-Cache: HIT, HIT
X-Content-Length: 29256
Connection: keep-alive
Content-Length: 8075
X-Served-By: cache-bfi-krnt7300112-BFI, cache-ewr18183-EWR
X-Response-Time: 936
Last-Modified: Tue, 09 Aug 2022 20:09:29 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.685944,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: text/css
Via: 1.1 varnish, 1.1 varnish
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 10 Nov 2022 20:09:29 GMT

GET
H/1.1 200
OK hero_carousel__aG9tZXBhZ2U__.css
www.zimbio.com/loader/90.894.homepage/marquee_carousel_overflow__homepage/ 816 B
1 KB 82ms
23ms Stylesheet
text/css 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/loader/90.894.homepage/marquee_carousel_overflow__homepage/hero_carousel__aG9tZXBhZ2U__.css

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

358b2e5bda606133f3b8eb3fd9dd65e4edf118c28e18c6a871d1cbc5d607171f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Content-Encoding: gzip
X-Cache-Hits: 1, 1
Age: 472416
X-Cache: HIT, HIT
X-Content-Length: 816
Connection: keep-alive
Content-Length: 374
X-Served-By: cache-bfi-krnt7300115-BFI, cache-ewr18139-EWR
X-Response-Time: 772
Last-Modified: Tue, 09 Aug 2022 20:09:29 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.685914,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: text/css
Via: 1.1 varnish, 1.1 varnish
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 10 Nov 2022 20:09:29 GMT

GET
H/1.1 200
OK gpe.zimbio__cGxhdGZvcm0__.js Show response
www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_... 833 KB
295 KB 82ms
24ms Script
text/javascript 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

9905d944a3957fc69bb4566cd2af5fcf57588b29b839dd9e8c7853fb7db5ffc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Content-Encoding: gzip
X-Cache-Hits: 1, 1
Age: 472453
X-Cache: HIT, HIT
X-Content-Length: 853394
Connection: keep-alive
Content-Length: 300943
X-Served-By: cache-bfi-krnt7300080-BFI, cache-ewr18145-EWR
X-Response-Time: 1035
Last-Modified: Tue, 09 Aug 2022 20:08:51 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.686233,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: text/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 10 Nov 2022 20:08:51 GMT

GET
H/1.1 200
OK jq_infinite_scroll__cGxhdGZvcm0__.js Show response
www.zimbio.com/loader/90.894.platform/gsap-1.11.2-TweenMax.min__homepage/bootstrap-carousel.min__homepage/hero-carousel__homepage/jq_recent_stories__homepage/ 101 KB
41 KB 84ms
26ms Script
text/javascript 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/loader/90.894.platform/gsap-1.11.2-TweenMax.min__homepage/bootstrap-carousel.min__homepage/hero-carousel__homepage/jq_recent_stories__homepage/jq_infinite_scroll__cGxhdGZvcm0__.js

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

d07aa8905acdaf858387444f551838c21f184a108496f204a5cddf82b62ddf29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Content-Encoding: gzip
X-Cache-Hits: 1, 1
Age: 472415
X-Cache: HIT, HIT
X-Content-Length: 103505
Connection: keep-alive
Content-Length: 41192
X-Served-By: cache-bfi-krnt7300106-BFI, cache-ewr18150-EWR
X-Response-Time: 1463
Last-Modified: Tue, 09 Aug 2022 20:09:29 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.687827,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: text/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 10 Nov 2022 20:09:29 GMT

GET
H/1.1 200
OK homepage_pinterest_module__cGxhdGZvcm0__.js Show response
www.zimbio.com/loader/90.894.platform/slick.min__homepage/ 36 KB
11 KB 84ms
26ms Script
text/javascript 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/loader/90.894.platform/slick.min__homepage/homepage_pinterest_module__cGxhdGZvcm0__.js

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

182cef2fa620c9fa53102f138791e12ec5785ec00a0b795d86367fdf27da4fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Content-Encoding: gzip
X-Cache-Hits: 1, 1
Age: 472415
X-Cache: HIT, HIT
X-Content-Length: 36600
Connection: keep-alive
Content-Length: 10764
X-Served-By: cache-bfi-krnt7300046-BFI, cache-ewr18157-EWR
X-Response-Time: 1871
Last-Modified: Tue, 09 Aug 2022 20:09:29 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.688040,VS0,VE2
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: text/javascript
Via: 1.1 varnish, 1.1 varnish
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 10 Nov 2022 20:09:29 GMT

GET
H/1.1 200
OK logo_Zimbio_Main_v06816.png
www.zimbio.com/images/ 5 KB
5 KB 29ms
22ms Image
image/png 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zimbio.com/images/logo_Zimbio_Main_v06816.png

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

2bf403e6c1579e47df2319e31ad246bbb84be3a46d17694ed897508b1512b688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1446603
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 4756
X-Served-By: cache-bfi-krnt7300092-BFI, cache-ewr18145-EWR
X-Response-Time: 675
Last-Modified: Mon, 25 Jul 2022 20:55:41 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.868940,VS0,VE1
ETag: "62df034d-1294"
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sun, 30 Oct 2022 13:33:01 GMT

GET
H/1.1 200
OK N2d0UVwNRuC+MmC_xDF85OE+1000x500.jpg
www4.pictures.zimbio.com/mp/ 119 KB
120 KB 83ms
24ms Image
image/jpeg 151.101.65.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.zimbio.com/mp/N2d0UVwNRuC+MmC_xDF85OE+1000x500.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

18f35a8ceb0a82c05d97f5a588bcb226da9ab3ecbe15300a3516e054fb5bba2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1, 1
Age: 1441933
X-Cache: HIT, HIT
X-Content-Length: 121881
Connection: keep-alive
Content-Length: 121881
X-Served-By: cache-bfi-krnt7300053-BFI, cache-ewr18170-EWR
X-Response-Time: 794
Last-Modified: Fri, 29 Jul 2022 14:50:52 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.920328,VS0,VE1
Vary: Cookie
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sun, 30 Oct 2022 14:50:52 GMT

GET
H/1.1 200
OK J3rJe9q_utg+0gxzDgdL6eD+1000x500.jpg
www1.pictures.zimbio.com/mp/ 77 KB
78 KB 79ms
22ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.pictures.zimbio.com/mp/J3rJe9q_utg+0gxzDgdL6eD+1000x500.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

f0ded3e3d074547348a16297a2afd296203b56bc8e3c3938eb4fafabe74a62e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1, 1
Age: 2103782
X-Cache: HIT, HIT
X-Content-Length: 78940
Connection: keep-alive
Content-Length: 78940
X-Served-By: cache-bfi-krnt7300057-BFI, cache-ewr18131-EWR
X-Response-Time: 786
Last-Modified: Thu, 21 Jul 2022 23:00:02 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.919207,VS0,VE1
Vary: Cookie
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sat, 22 Oct 2022 23:00:02 GMT

GET
H/1.1 200
OK i2R5jQ_Ge4h+B3H3f5qqGrI+1000x500.jpg
www4.pictures.zimbio.com/mp/ 159 KB
159 KB 83ms
25ms Image
image/jpeg 151.101.65.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.zimbio.com/mp/i2R5jQ_Ge4h+B3H3f5qqGrI+1000x500.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

f4a0ebcf5fd4c25c5a25f204e38f074fb5397d6703ad1d22fa087ef4538a3e7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1, 1
Age: 1114887
X-Cache: HIT, HIT
X-Content-Length: 162328
Connection: keep-alive
Content-Length: 162328
X-Served-By: cache-bfi-krnt7300038-BFI, cache-ewr18178-EWR
X-Response-Time: 744
Last-Modified: Tue, 02 Aug 2022 09:41:37 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.920531,VS0,VE1
Vary: Cookie
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 03 Nov 2022 09:41:37 GMT

GET
H/1.1 200
OK K7_V32Vmqyl+FRq5dw-ArEs+1000x500.jpg
www3.pictures.zimbio.com/mp/ 152 KB
152 KB 78ms
22ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/mp/K7_V32Vmqyl+FRq5dw-ArEs+1000x500.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

731ff4a161003740dc2546e3867c4b1f5d0bcaf55b0ced644c2a5c83d05bfdef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1, 27
Age: 2121522
X-Cache: HIT, HIT
X-Content-Length: 155469
Connection: keep-alive
Content-Length: 155469
X-Served-By: cache-bfi-krnt7300072-BFI, cache-ewr18135-EWR
X-Response-Time: 403
Last-Modified: Thu, 21 Jul 2022 18:04:23 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.919191,VS0,VE0
Vary: Cookie
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sat, 22 Oct 2022 18:04:23 GMT

GET
H/1.1 200
OK 8_PeGSIM0u6+PLm1EXNmW9Y+1000x500.jpg
www1.pictures.zimbio.com/mp/ 121 KB
121 KB 80ms
23ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.pictures.zimbio.com/mp/8_PeGSIM0u6+PLm1EXNmW9Y+1000x500.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

de34c6f374685308a58510823f989ace7e6808c38fe4f25d9f552fcdadfb5fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1, 1
Age: 2127096
X-Cache: HIT, HIT
X-Content-Length: 123735
Connection: keep-alive
Content-Length: 123735
X-Served-By: cache-bfi-krnt7300064-BFI, cache-ewr18162-EWR
X-Response-Time: 828
Last-Modified: Thu, 21 Jul 2022 16:31:28 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.919360,VS0,VE1
Vary: Cookie
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sat, 22 Oct 2022 16:31:28 GMT

GET
H/1.1 200
OK GR8w9EGvOAcm.jpg
www4.pictures.zimbio.com/mp/ 15 KB
15 KB 83ms
26ms Image
image/jpeg 151.101.65.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.zimbio.com/mp/GR8w9EGvOAcm.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

14db5df39502eadf9fe98c0d4fe8eb16635412809b5dd840f2ac1b10fe284d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2043878
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 15183
X-Served-By: cache-bfi-krnt7300062-BFI, cache-ewr18154-EWR
X-Response-Time: 956
Last-Modified: Thu, 25 Jul 2019 22:48:29 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.921175,VS0,VE1
ETag: "5d3a31bd-3b4f"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sun, 23 Oct 2022 15:38:27 GMT

GET
H/1.1 200
OK zIiHP-dntAwm.jpg
www3.pictures.zimbio.com/mp/ 26 KB
27 KB 80ms
24ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/mp/zIiHP-dntAwm.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

e6bc78516ed2cb831e8d714f65f0ffaec60f960ba02f58b22898f955786508aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2103764
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 26533
X-Served-By: cache-bfi-krnt7300026-BFI, cache-ewr18142-EWR
X-Response-Time: 1168
Last-Modified: Thu, 21 Jul 2022 22:58:58 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.919386,VS0,VE1
ETag: "62d9da32-67a5"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sat, 22 Oct 2022 23:00:21 GMT

GET
H/1.1 200
OK P53rv3uYDB7m.jpg
www2.pictures.zimbio.com/mp/ 29 KB
30 KB 81ms
25ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.pictures.zimbio.com/mp/P53rv3uYDB7m.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

8300c9c0d50bd28402924469fbd91b4d3c2ccec64360464e3f709e011dc5ad31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2106524
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 30004
X-Served-By: cache-bfi-krnt7300064-BFI, cache-ewr18165-EWR
X-Response-Time: 882
Last-Modified: Thu, 21 Jul 2022 22:14:15 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.920184,VS0,VE1
ETag: "62d9cfb7-7534"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sat, 22 Oct 2022 22:14:21 GMT

GET
H/1.1 200
OK Z1C5ehVzFTZm.jpg
www4.pictures.zimbio.com/mp/ 25 KB
26 KB 69ms
22ms Image
image/jpeg 151.101.65.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.zimbio.com/mp/Z1C5ehVzFTZm.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

96210a631f93160cd472125fb894e5f18b9e1c11a748406933f1d33170762b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2115424
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 26072
X-Served-By: cache-bfi-krnt7300063-BFI, cache-ewr18168-EWR
X-Response-Time: 771
Last-Modified: Thu, 21 Jul 2022 19:45:52 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.929414,VS0,VE1
ETag: "62d9acf0-65d8"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sat, 22 Oct 2022 19:46:00 GMT

GET
H/1.1 200
OK hWOSwSn11Dp+iOixD9ehgTa+1000x500.jpg
www3.pictures.zimbio.com/mp/ 71 KB
71 KB 25ms
22ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/mp/hWOSwSn11Dp+iOixD9ehgTa+1000x500.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

bc67736a93f41b383fc8318c8211f1965ec787809278d5812e2a299c907713e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1, 1
Age: 1643274
X-Cache: HIT, HIT
X-Content-Length: 72443
Connection: keep-alive
Content-Length: 72443
X-Served-By: cache-bfi-krnt7300119-BFI, cache-ewr18142-EWR
X-Response-Time: 755
Last-Modified: Wed, 27 Jul 2022 06:55:11 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.952647,VS0,VE1
Vary: Cookie
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Fri, 28 Oct 2022 06:55:11 GMT

GET
H/1.1 200
OK gR4uyM9sXkcm.jpg
www2.pictures.zimbio.com/mp/ 29 KB
30 KB 27ms
24ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.pictures.zimbio.com/mp/gR4uyM9sXkcm.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

c8c467beba1bc3b02b67e51451a7ee5541bd034f41d8f318af0c538d5a19e177

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2115818
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 29931
X-Served-By: cache-bfi-krnt7300057-BFI, cache-ewr18165-EWR
X-Response-Time: 979
Last-Modified: Thu, 21 Jul 2022 19:21:39 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.953153,VS0,VE1
ETag: "62d9a743-74eb"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sat, 22 Oct 2022 19:39:27 GMT

GET
H/1.1 200
OK OQCsWL5L5QTm.jpg
www2.pictures.zimbio.com/mp/ 28 KB
28 KB 52ms
22ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.pictures.zimbio.com/mp/OQCsWL5L5QTm.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

2ce15f8dcc872ff0a0d7d5a5b14fb3578017c39685eabd1e6e1e887d5ad08318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1360630
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 28280
X-Served-By: cache-bfi-krnt7300106-BFI, cache-ewr18165-EWR
X-Response-Time: 728
Last-Modified: Thu, 21 Jul 2022 17:15:39 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.980409,VS0,VE1
ETag: "62d989bb-6e78"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Mon, 31 Oct 2022 13:25:54 GMT

GET
H/1.1 200
OK eRWfVTM1VcBm.jpg
www1.pictures.zimbio.com/mp/ 38 KB
39 KB 53ms
30ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.pictures.zimbio.com/mp/eRWfVTM1VcBm.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

caa6669dfbaa2ba282fb8156f9c858525ba7400537d5a6428814aa0af05379a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2127080
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 38819
X-Served-By: cache-bfi-krnt7300046-BFI, cache-ewr18131-EWR
X-Response-Time: 7004
Last-Modified: Thu, 21 Jul 2022 16:27:35 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.974019,VS0,VE7
ETag: "62d97e77-97a3"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sat, 22 Oct 2022 16:31:44 GMT

GET
H/1.1 200
OK oJi5b9DCkrFm.png
www4.pictures.zimbio.com/mp/ 89 KB
90 KB 25ms
23ms Image
image/png 151.101.65.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.zimbio.com/mp/oJi5b9DCkrFm.png

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

65e4375c33e799427efd45adf2d04112481e3834ea092d85ba43fe4edb3a932f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2131423
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1
Connection: keep-alive
Content-Length: 91439
X-Served-By: cache-bfi-krnt7300064-BFI, cache-ewr18154-EWR
X-Response-Time: 891
Last-Modified: Wed, 20 Jul 2022 22:37:20 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.952824,VS0,VE1
ETag: "62d883a0-1652f"
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sat, 22 Oct 2022 15:19:21 GMT

GET
H/1.1 200
OK hWOSwSn11Dpm.jpg
www3.pictures.zimbio.com/mp/ 24 KB
25 KB 62ms
22ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/mp/hWOSwSn11Dpm.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

023f3e927fd21590a747ad0dcfb1fd688b4405302a619c016b8d50d6e621d177

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2183773
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 24844
X-Served-By: cache-bfi-krnt7300032-BFI, cache-ewr18135-EWR
X-Response-Time: 801
Last-Modified: Tue, 01 Mar 2022 17:54:32 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.990337,VS0,VE1
ETag: "621e5dd8-610c"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Sat, 22 Oct 2022 00:46:52 GMT

GET
H/1.1 200
OK 86Lmu2asHJsm.jpg
www1.pictures.zimbio.com/mp/ 24 KB
25 KB 57ms
23ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.pictures.zimbio.com/mp/86Lmu2asHJsm.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

567b9fe9e52694a8cbbdb26d3c7b74d3f03422d6fc0c6db1f7c8ad2886019b1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2192764
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 24753
X-Served-By: cache-bfi-krnt7300082-BFI, cache-ewr18162-EWR
X-Response-Time: 758
Last-Modified: Wed, 20 Jul 2022 21:34:04 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.985862,VS0,VE1
ETag: "62d874cc-60b1"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Fri, 21 Oct 2022 22:17:01 GMT

GET
H/1.1 200
OK EKHzueDqGEa+4PxbCaEnf6E+1000x500.jpg
www2.pictures.zimbio.com/mp/ 117 KB
118 KB 67ms
22ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.pictures.zimbio.com/mp/EKHzueDqGEa+4PxbCaEnf6E+1000x500.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

884e834da4d1d43de6fe16e3752cc653ccee3b03e81ab61c1575a1fd8de2b765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1, 1
Age: 2192799
X-Cache: HIT, HIT
X-Content-Length: 119962
Connection: keep-alive
Content-Length: 119962
X-Served-By: cache-bfi-krnt7300094-BFI, cache-ewr18157-EWR
X-Response-Time: 791
Last-Modified: Wed, 20 Jul 2022 22:16:25 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.997889,VS0,VE1
Vary: Cookie
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Fri, 21 Oct 2022 22:16:25 GMT

GET
H/1.1 200
OK Premiere+Columbia+Pictures+Ides+March+Red+J40IiqDZYqlm.jpg
www1.pictures.zimbio.com/gi/ 38 KB
38 KB 60ms
22ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.pictures.zimbio.com/gi/Premiere+Columbia+Pictures+Ides+March+Red+J40IiqDZYqlm.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

3e3c159ef990bfc2e541fb4f9c3bc36dd680f59642a349ab230cb3fb08343e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2194966
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 38619
X-Served-By: cache-bfi-krnt7300051-BFI, cache-ewr18146-EWR
X-Response-Time: 799
Last-Modified: Wed, 28 Sep 2011 03:50:05 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.996259,VS0,VE1
ETag: "4e82996d-96db"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Fri, 21 Oct 2022 21:40:19 GMT

GET
H/1.1 200
OK de838N_F4Jom.jpg
www4.pictures.zimbio.com/mp/ 24 KB
25 KB 23ms
22ms Image
image/jpeg 151.101.65.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.zimbio.com/mp/de838N_F4Jom.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

6d9cc9e083e93a4dd0caa60de31812466d98680b227bf866ca8f8284f3c293fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2202443
X-Cache: HIT, HIT
X-Cache-Hits: 3, 1
Connection: keep-alive
Content-Length: 24537
X-Served-By: cache-bfi-krnt7300093-BFI, cache-ewr18168-EWR
X-Response-Time: 813
Last-Modified: Wed, 20 Jul 2022 19:29:51 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.980020,VS0,VE1
ETag: "62d857af-5fd9"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Fri, 21 Oct 2022 19:35:40 GMT

GET
H/1.1 200
OK 39YHpJiuXjVm.png
www3.pictures.zimbio.com/mp/ 135 KB
136 KB 22ms
22ms Image
image/png 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/mp/39YHpJiuXjVm.png

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

7da706d0695525bc9e6d8bd10a79c51624f26a59041bba1daf8ce1982a6ed501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2209488
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 138533
X-Served-By: cache-bfi-krnt7300119-BFI, cache-ewr18142-EWR
X-Response-Time: 798
Last-Modified: Wed, 20 Jul 2022 17:36:01 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.998524,VS0,VE1
ETag: "62d83d01-21d25"
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Fri, 21 Oct 2022 17:38:16 GMT

GET
H/1.1 200
OK oNVeN9ydpSGm.jpg
www2.pictures.zimbio.com/mp/ 24 KB
24 KB 22ms
22ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.pictures.zimbio.com/mp/oNVeN9ydpSGm.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

d9c476313f6798ffeb41bb91fe32f31cc06f67912be5ac5b5a4a17a60b280b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:05 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2274022
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 24458
X-Served-By: cache-bfi-krnt7300038-BFI, cache-ewr18165-EWR
X-Response-Time: 793
Last-Modified: Tue, 19 Jul 2022 23:20:27 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.007315,VS0,VE1
ETag: "62d73c3b-5f8a"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 20 Oct 2022 23:42:42 GMT

GET
H/1.1 200
OK uBKkSZFNDmam.jpg
www2.pictures.zimbio.com/mp/ 21 KB
21 KB 23ms
22ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.pictures.zimbio.com/mp/uBKkSZFNDmam.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

23d29dfa3c4f75be461033309e104dcf34f211fba20f7c670cf225f948d63f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:05 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2277043
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 21378
X-Served-By: cache-bfi-krnt7300055-BFI, cache-ewr18127-EWR
X-Response-Time: 785
Last-Modified: Thu, 06 Jul 2017 22:56:04 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.007043,VS0,VE1
ETag: "595ec004-5382"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 20 Oct 2022 22:52:22 GMT

GET
H/1.1 200
OK 0wEdj-Mw6fXm.jpg
www3.pictures.zimbio.com/mp/ 30 KB
30 KB 23ms
23ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/mp/0wEdj-Mw6fXm.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

a0fc2ce6c7bbbb37c07c35fbe7b97713d5172d868037db91f347a06076ffb73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:05 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2281031
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 30363
X-Served-By: cache-bfi-krnt7300062-BFI, cache-ewr18129-EWR
X-Response-Time: 1005
Last-Modified: Tue, 19 Jul 2022 20:13:28 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.007635,VS0,VE1
ETag: "62d71068-769b"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 20 Oct 2022 21:45:54 GMT

GET
H/1.1 200
OK rGt9VAwjjMR+xOt6qbCSYp8+1000x500.jpg
www1.pictures.zimbio.com/mp/ 122 KB
123 KB 23ms
22ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.pictures.zimbio.com/mp/rGt9VAwjjMR+xOt6qbCSYp8+1000x500.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

3d2561b5d98f2cdee0cb4f05fa78dff14559bcf9f9f2016228790fbd0608993d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:05 GMT
Via: 1.1 varnish, 1.1 varnish
X-Cache-Hits: 1, 1
Age: 1357005
X-Cache: HIT, HIT
X-Content-Length: 125365
Connection: keep-alive
Content-Length: 125365
X-Served-By: cache-bfi-krnt7300078-BFI, cache-ewr18162-EWR
X-Response-Time: 784
Last-Modified: Sat, 30 Jul 2022 14:26:20 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.011182,VS0,VE1
Vary: Cookie
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Mon, 31 Oct 2022 14:26:20 GMT

GET
H/1.1 200
OK 8u0CVG0Bktjm.jpg
www2.pictures.zimbio.com/mp/ 22 KB
22 KB 46ms
24ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.pictures.zimbio.com/mp/8u0CVG0Bktjm.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

00d4ee3a0012f40e1753563535fcd76e243b449ea1f4921e092234ca32592c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:05 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2285453
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 22405
X-Served-By: cache-bfi-krnt7300112-BFI, cache-ewr18165-EWR
X-Response-Time: 774
Last-Modified: Tue, 19 Jul 2022 19:54:09 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.033165,VS0,VE1
ETag: "62d70be1-5785"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 20 Oct 2022 20:32:11 GMT

GET
H/1.1 200
OK h_rlf8Pl_44m.jpg
www2.pictures.zimbio.com/mp/ 28 KB
28 KB 46ms
23ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www2.pictures.zimbio.com/mp/h_rlf8Pl_44m.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

bc46f5a9b2bb4d191d9a7b81d0c140815440a6bee88e437cb99772c55dd29c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:05 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2295335
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 28231
X-Served-By: cache-bfi-krnt7300048-BFI, cache-ewr18127-EWR
X-Response-Time: 810
Last-Modified: Tue, 19 Jul 2022 17:35:41 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.034372,VS0,VE1
ETag: "62d6eb6d-6e47"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 20 Oct 2022 17:47:29 GMT

GET
H/1.1 200
OK l-h9MRh7xYZm.jpg
www1.pictures.zimbio.com/mp/ 31 KB
31 KB 22ms
22ms Image
image/jpeg 151.101.1.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www1.pictures.zimbio.com/mp/l-h9MRh7xYZm.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

f6353c021622b5f5e148054059a89253da16bac7e5ba61640ea8b33176c24d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:05 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2305193
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 31323
X-Served-By: cache-bfi-krnt7300118-BFI, cache-ewr18131-EWR
X-Response-Time: 782
Last-Modified: Tue, 19 Jul 2022 14:42:15 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.013538,VS0,VE1
ETag: "62d6c2c7-7a5b"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 20 Oct 2022 15:03:12 GMT

GET
H/1.1 200
OK 7RlTO3ZfiwBm.jpg
www3.pictures.zimbio.com/mp/ 33 KB
34 KB 24ms
23ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/mp/7RlTO3ZfiwBm.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

7f955bba0bf6d4e96be6d36219dd06e6f53970959890ed8e22f13a2fb890e210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:05 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2304857
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 34047
X-Served-By: cache-bfi-krnt7300021-BFI, cache-ewr18135-EWR
X-Response-Time: 798
Last-Modified: Tue, 19 Jul 2022 12:38:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.033997,VS0,VE1
ETag: "62d6a5e0-84ff"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 20 Oct 2022 15:08:46 GMT

GET
H/1.1 200
OK f9ckSuUjF-em.jpg
www4.pictures.zimbio.com/mp/ 35 KB
36 KB 22ms
22ms Image
image/jpeg 151.101.65.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.zimbio.com/mp/f9ckSuUjF-em.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

c937a001eef4b0bfe4e0cfd5e84b5dcff163235dacf60326fe673f20bd1afb82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:05 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2366064
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 36046
X-Served-By: cache-bfi-krnt7300109-BFI, cache-ewr18168-EWR
X-Response-Time: 775
Last-Modified: Mon, 18 Jul 2022 20:31:49 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.033976,VS0,VE1
ETag: "62d5c335-8cce"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Wed, 19 Oct 2022 22:08:41 GMT

GET
H/1.1 200
OK af1xMG6dp_Hm.jpg
www3.pictures.zimbio.com/mp/ 19 KB
19 KB 23ms
22ms Image
image/jpeg 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www3.pictures.zimbio.com/mp/af1xMG6dp_Hm.jpg

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

6ed90fc6eb019899c19fa6674ca651855ae5f5e00938bee6e79eecc1af021335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:05 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 2367404
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1
Connection: keep-alive
Content-Length: 19029
X-Served-By: cache-bfi-krnt7300113-BFI, cache-ewr18129-EWR
X-Response-Time: 855
Last-Modified: Mon, 18 Jul 2022 18:55:24 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.036736,VS0,VE1
ETag: "62d5ac9c-4a55"
Strict-Transport-Security: max-age=31557600
Content-Type: image/jpeg
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Wed, 19 Oct 2022 21:46:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 165 KB
58 KB 87ms
38ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MCXJZ5C

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d792cb6b65133f99659208323c2cf9db43ff8230d3ee8e941cf20c9c48463b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58388
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Aug 2022 07:23:05 GMT

GET
H2 200 AGSKWxX6i6JaDVcmR2YpH6uj9owbeaw3SMZfcC46o2w-joR7_zOI7Fkel9ZZ7dR67HHM227Od5HCdLrSbB4KJPrWUhQ= Show response
fundingchoicesmessages.google.com/f/ 104 KB
37 KB 110ms
62ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX6i6JaDVcmR2YpH6uj9owbeaw3SMZfcC46o2w-joR7_zOI7Fkel9ZZ7dR67HHM227Od5HCdLrSbB4KJPrWUhQ=

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

10665c5b6d46ea571422aa21e4d9f845ffc1ba84479b0c6eca0b1716859084a3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QxFtFoigjsdHcasNtAWMZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-QxFtFoigjsdHcasNtAWMZw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-QxFtFoigjsdHcasNtAWMZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-QxFtFoigjsdHcasNtAWMZw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 07:23:05 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022080901.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
131 KB 65ms
20ms Script
text/javascript 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 09:25:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134589
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 08:35:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 13 Aug 2023 09:25:38 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 447 B
220 B 77ms
36ms XHR
application/json 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www4.pictures.gi.zimbio.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013d74af07652dba9aac4ef029351e5af8b1681a044066e4187898edfcde2caf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 07:23:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0
expires: Mon, 15 Aug 2022 07:23:04 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 123ms
79ms XHR
application/javascript 143.204.150.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-150-76.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
x-amz-cf-pop: EWR52-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 22:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: JXufo2ctue2uysHllG2MRpKE8F0E4.a0
via: 1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
content-type: application/javascript
x-amz-cf-id: 8sq-mtqTBnkBJSJjTk6B3qyaNynza3lXPVA_v0wT8wgQXuZ3GzFG1g==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
3 KB 63ms
63ms XHR
application/json 143.204.150.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3234&u=https%3A%2F%2Fwww4.pictures.gi.zimbio.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-150-76.ewr52.r.cloudfront.net
Software: Server /
Resource Hash: 8911a3bcf65ca1a6e84a4c96728c9b46d9ea2d2dc2c40c8e697c4770038245e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:04 GMT
via: 1.1 0d3bc0372b2119705524079214a98b3e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: EWR52-C2
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2486
x-amz-cf-id: FVrZu78JF3gY0IfX2GNSRdm8BHYuSeGj-beKo1XpXYquPwsnC5n8vQ==

GET
H/1.1 200
OK 183777-124724527666383.js Show response
js-sec.indexww.com/ht/p/ 39 KB
13 KB 90ms
22ms Script
text/javascript 69.192.109.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183777-124724527666383.js
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.109.125 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-109-125.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f91ab28ba27b921b9f17bd7853cc1202461bfec77598f75c762af5d7ed48c56f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Aug 2022 07:16:04 GMT
Server: Apache
ETag: "760e9c-9a4d-5e642679d61c2"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3251
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 13273
Expires: Mon, 15 Aug 2022 08:17:16 GMT

GET
H2 200 spacer.gif
www4.pictures.gi.zimbio.com/images/ 43 B
281 B 98ms
94ms Image
image/gif 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.gi.zimbio.com/images/spacer.gif?abk&adnet=1&type=ad&_prebid_&t=695503

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:04 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
x-cache: MISS, MISS
x-cache-hits: 0, 0
content-length: 43
x-served-by: cache-bfi-krnt7300028-BFI, cache-ewr18128-EWR
x-response-time: 73259
last-modified: Tue, 09 Aug 2022 20:05:02 GMT
server: nginx/1.4.6 (Ubuntu)
x-timer: S1660548185.869044,VS0,VE73
etag: "62f2bdee-2b"
strict-transport-security: max-age=31557600
content-type: image/gif
cache-control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
expires: Wed, 16 Nov 2022 07:23:04 GMT

GET
H/1.1 200
OK zimbio_icon_sprite_v4.png
www.zimbio.com/images/ 24 KB
25 KB 22ms
22ms Image
image/png 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zimbio.com/images/zimbio_icon_sprite_v4.png

Requested by

Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/base__platform/base_white__platform/share_bar__platform/color__platform/color_zimbio__platform/header_test__signup_prompts/prompt__cGxhdGZvcm0__.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

63436efe51f30bb52b0f1629faa84dbf8b257313768193039175232cf1864410

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.zimbio.com/loader/90.894.platform/base__platform/base_white__platform/share_bar__platform/color__platform/color_zimbio__platform/header_test__signup_prompts/prompt__cGxhdGZvcm0__.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1111941
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 24901
X-Served-By: cache-bfi-krnt7300083-BFI, cache-ewr18150-EWR
X-Response-Time: 647
Last-Modified: Mon, 25 Jul 2022 20:55:41 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.878583,VS0,VE1
ETag: "62df034d-6145"
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 03 Nov 2022 10:30:43 GMT

GET
H/1.1 200
OK ProximaNovaSbold.woff
www.zimbio.com/images/proxima_nova/ 42 KB
42 KB 72ms
24ms Font
application/octet-stream 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/images/proxima_nova/ProximaNovaSbold.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

e6622460e1f5937a0c5e84ae8e897faf6273fa1d9221cc231cc252456999c5e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.zimbio.com/loader/90.894.platform/base__platform/base_white__platform/share_bar__platform/color__platform/color_zimbio__platform/header_test__signup_prompts/prompt__cGxhdGZvcm0__.css
Origin: https://www4.pictures.gi.zimbio.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 4651713
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 42672
X-Served-By: cache-bfi-krnt7300055-BFI, cache-ewr18152-EWR
X-Response-Time: 750
Last-Modified: Wed, 22 Jun 2022 07:33:29 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.914997,VS0,VE1
ETag: "62b2c5c9-a6b0"
Strict-Transport-Security: max-age=31557600
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Fri, 23 Sep 2022 11:14:31 GMT

GET
H/1.1 200
OK ProximaNovaReg.woff
www.zimbio.com/images/proxima_nova/ 42 KB
42 KB 72ms
24ms Font
application/octet-stream 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/images/proxima_nova/ProximaNovaReg.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

7347f567292d61e8a6c6e20ec7bd39f0b98a0c5a79a8bf03c8e8c260fcc33357

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.zimbio.com/loader/90.894.platform/base__platform/base_white__platform/share_bar__platform/color__platform/color_zimbio__platform/header_test__signup_prompts/prompt__cGxhdGZvcm0__.css
Origin: https://www4.pictures.gi.zimbio.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 4651713
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1
Connection: keep-alive
Content-Length: 42712
X-Served-By: cache-bfi-krnt7300084-BFI, cache-ewr18120-EWR
X-Response-Time: 621
Last-Modified: Wed, 22 Jun 2022 07:33:29 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.914516,VS0,VE1
ETag: "62b2c5c9-a6d8"
Strict-Transport-Security: max-age=31557600
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Fri, 23 Sep 2022 11:14:31 GMT

GET
H2 200 aax.js Show response
c.aaxads.com/ 553 KB
141 KB 342ms
283ms Script
text/javascript 23.5.225.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAXTRKO2C&hst=www4.pictures.gi.zimbio.com&ver=1.2

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.5.225.150 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

Apache /

Resource Hash

25ce21159fc9c9d9dd589493517133a359cda0beefe37118d5a5dfc4ebd4d264

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Mon, 15 Aug 2022 07:23:05 GMT
vary: Accept-Encoding
x-mnet-h: E
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=1800
content-type: text/javascript; charset=utf-8
expires: Mon, 15 Aug 2022 07:53:05 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
110 KB 79ms
25ms Script
application/x-javascript 99.84.126.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.126.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-126-77.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 00:40:34 GMT
via: 1.1 13eb5c0e05c1c43ed344f7e14dcf0a00.cloudfront.net (CloudFront)
age: 24152
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 58acf9e97c03c481f490be71338f7f57
content-length: 112112
last-modified: Tue, 17 May 2022 11:35:33 GMT
server: AmazonS3
etag: "148e21f812b555a13b2a9c6b616141f4"
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control: must-revalidate,public,max-age=86400
x-amz-version-id: qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-type: application/x-javascript
x-amz-cf-id: _HF9ROGiQpTrBSf6It52ER1schqKaN5bm9zzuAS5zzZbAgGzBM93SA==

GET
H2 200 406 Show response
id.halo.ad.gt/api/v1/partner/ 52 KB
8 KB 228ms
77ms Script
text/javascript 44.238.206.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.halo.ad.gt/api/v1/partner/406?url=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&ref=&_it=amazon
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.206.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-206-49.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 47aad035aa6508631e41dff491bca05d8f5f4d6d49ea3e50ec6cad7af2679d55

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
content-encoding: gzip
origin-trial
server: nginx/1.20.0
content-type: text/javascript; charset=UTF-8

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 42 KB
12 KB 70ms
29ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af44d280920264564147250d0841eebf33288a04c932c182c06ec21600a228c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 3037
x-amz-server-side-encryption: AES256
x-amz-request-id: ZTW79T008ZNCMMZD
x-amz-id-2: UXJqj53VdsPdD4JWTLkVe1C1Yzk2wWqHIsvU9VuNuTMd/Joki98vM3M6oAZg2PFvvAJrL4ZqLXE=
last-modified: Wed, 27 Jul 2022 15:06:46 GMT
server: cloudflare
etag: W/"a49d5e2684c7e5d488d526ca41c2f3e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 73b02ecce818efd8-EWR

GET
H/1.1 200
OK ProximaNovaLight.woff
www.zimbio.com/images/proxima_nova/ 42 KB
42 KB 71ms
23ms Font
application/octet-stream 151.101.193.129
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zimbio.com/images/proxima_nova/ProximaNovaLight.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.129 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

22874d22751914d23a1f7f6c874c54547c2a5ccedfe057e8de1821243885ea41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Referer: https://www.zimbio.com/loader/90.894.platform/base__platform/base_white__platform/share_bar__platform/color__platform/color_zimbio__platform/header_test__signup_prompts/prompt__cGxhdGZvcm0__.css
Origin: https://www4.pictures.gi.zimbio.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:04 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 4730174
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
Connection: keep-alive
Content-Length: 42668
X-Served-By: cache-bfi-krnt7300057-BFI, cache-ewr18167-EWR
X-Response-Time: 788
Last-Modified: Tue, 21 Jun 2022 11:36:12 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Timer: S1660548185.952778,VS0,VE1
ETag: "62b1ad2c-a6ac"
Strict-Transport-Security: max-age=31557600
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=8035200, stale-while-revalidate=604800, stale-if-error=604800
Accept-Ranges: bytes
Expires: Thu, 22 Sep 2022 13:26:51 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 81ms
26ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5684f3602feda4b2d86354c8aa5f41a7670ffcbfa7bba3d6b824bd2e084299f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: j1JPtAbB/NC6PyZQdvE35w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: H2yljcjJatHHUsFpHVD5SrUXrS3ovI+Z/d4iO0bxejSiGXF3dGM4kML7SnkNYqQo6swH9qhMwBJFQWgIpiwYgg==
x-fb-trip-id: 1814657579
x-fb-content-md5: 6b1e6dbdb29faab543da12eeda81b7c3
x-frame-options: DENY
date: Mon, 15 Aug 2022 07:23:05 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "8a4e8606435d13eaa3ff44e2b4d3a3ec"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 15 Aug 2022 07:42:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
21ms Script
text/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3453
date: Mon, 15 Aug 2022 06:25:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 15 Aug 2022 08:25:32 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 93ms
22ms Script
application/javascript 108.139.47.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-50.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 14 Aug 2022 20:27:37 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
age: 39329
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: JFK50-P1
x-amz-cf-id: 0zrGC9SM6eqrBQLSt-t7vsxCOC2bTk23G0s1oyRuLVa4OjOepXZfag==

GET
H2 200 quant.js Show response
edge.quantserve.com/ 24 KB
10 KB 92ms
26ms Script
application/javascript 2620:116:800b:21:b08a:1dc5:659b:4055
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN27281 (QUANTCAST, US),
Reverse DNS
Software: /
Resource Hash: de96459afc7ce2a214a50ab53803028a92dcbdde40621408e4638d484e7c344f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
content-encoding: gzip
etag: "jbwe3Q3ekqaoxOFJsLLUPw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 22 Aug 2022 07:23:05 GMT

GET
H2 204 beacon.gif
www4.pictures.gi.zimbio.com/ 0
149 B 94ms
94ms Image
text/plain 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.gi.zimbio.com/beacon.gif?x=%7B%22event%22%3A%22pageview%22%2C%22v%22%3A%222.0%22%2C%22url%22%3A%22https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F%22%2C%22path%22%3A%22%2F%22%2C%22q%22%3A%22%22%2C%22id%22%3A%22GVQUXF3TYF370269715487247860%22%2C%22plat%22%3A%22desktop%22%2C%22page%22%3A%22homepage%22%2C%22camp%22%3A%22%22%2C%22dev%22%3A%22%22%2C%22pv%22%3A1%2C%22sid%22%3A%22GVQUXF3TYF3%22%2C%22src%22%3A%22othr%22%2C%22buck%22%3A%22B%22%2C%22seo%22%3A%22G%22%2C%22auth%22%3A%22%22%2C%22guid%22%3A%22%22%2C%22data%22%3A%7B%22id%22%3A%22GVQUXF3TYF370269715487247860%22%2C%22ms%22%3A1660548184625%2C%22event%22%3A%22pageview%22%2C%22iab%22%3A%22%22%7D%2C%22meta%22%3A%22windowInnerWidth%3A1600%3BwindowInnerHeight%3A1200%3B%22%7D

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time: 72240
date: Mon, 15 Aug 2022 07:23:05 GMT
via: 1.1 varnish, 1.1 varnish
server: nginx/1.4.6 (Ubuntu)
x-timer: S1660548185.268875,VS0,VE72
x-served-by: cache-bfi-krnt7300036-BFI, cache-ewr18128-EWR
strict-transport-security: max-age=31557600
x-cache: MISS, MISS
cache-control: max-age=0
x-cache-hits: 0, 0
accept-ranges: bytes
expires: Mon, 15 Aug 2022 07:23:05 GMT

GET
H2 200 105849X1563408.skimlinks.js Show response
s.skimresources.com/js/ 46 KB
18 KB 80ms
16ms Script
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/105849X1563408.skimlinks.js
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4083ddf7e8dcdad72efc82708f64b36917b0ff72124ce2c2c65b867f91f9e4b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 10:47:41 GMT
server: AmazonS3
x-amz-request-id: 2V2KP1FB1K87D8NX
etag: "5622b166321d1b9d5993ebaabf6ad8c2"
x-hw: 1660548185.cds222.tr2.hn,1660548185.cds218.tr2.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 17747
x-amz-id-2: LPWUTu7zUmKL+/obE1n9QZV+FecYWsWJN0F2loJfqD1hvalm2G4pXcfYHUoQ1gahPAo/o449liE=

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame DFA7 3 KB
2 KB 20ms
20ms Document
text/html 69.192.109.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.109.125 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-109-125.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Mon, 15 Aug 2022 07:23:05 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
26 KB 31ms
28ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26515
x-xss-protection: 0
pragma: public
x-fb-debug: MXAFE7pKQTaQ3sLfWKb7rPFBm7cdsx8NPd6hQStk54t/NzNyZOg3rhO1cvzX0MDLFzxXDYCAZmrVnhtkBYln/w==
x-fb-trip-id: 1814657579
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 15 Aug 2022 07:23:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 22 KB
8 KB 119ms
41ms Script
application/javascript 99.84.122.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.122.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-122-245.ewr52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 2fc06a6b0419a08c01e985a58aac5f3683c6d8167e703e401a381da4535f9de3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: EWR52-C3
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7888
via: 1.1 f8d8b16a7820702de048e041a1ec7840.cloudfront.net (CloudFront)
x-amz-cf-id: _kTtWNjLTPVuWzwVHfjQaq2IE4gy5AAkh-wHfJ37edlQC8HmiesOLA==

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ 43 B
633 B 52ms
15ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10031041&tmstp=566096

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:05 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 15 Aug 2022 07:23:05 GMT

GET
H2 200 b-01880f1-fe6ef3c7.js Show response
tagan.adlightning.com/livingly-v3/ 81 KB
30 KB 22ms
21ms Script
application/javascript 54.230.163.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/livingly-v3/b-01880f1-fe6ef3c7.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-92.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15c94eecb1326fe53ddf0197241b5a03d7051732458518f340c2917446912bb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 10:31:07 GMT
content-encoding: gzip
age: 75118
x-cache: Hit from cloudfront
content-length: 30633
x-amz-meta-git_commit: 01880f1
last-modified: Wed, 23 Mar 2022 19:27:46 GMT
server: AmazonS3
etag: "77e7f1f4d3ab931b5283cfd240a93db5"
x-amz-version-id: LdThH16Xnec2On_9wZdDQ9RVSAOyZ1K_
via: 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: TEdZVbBiM3bRSh5jQvBOmuTuL23uQXLufErHG2f1p0U2Rv7k3xjJ2A==

GET
H2 200 bl-fffd939-19f44a82.js Show response
tagan.adlightning.com/livingly-v3/ 30 KB
13 KB 144ms
144ms Script
application/javascript 54.230.163.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/livingly-v3/bl-fffd939-19f44a82.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-92.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b697e9f38cb035d07a1e72cdd80005af8fb0f205e96f2c6304d169a74f4ef7f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 22:12:34 GMT
content-encoding: gzip
age: 33032
x-cache: Hit from cloudfront
content-length: 13069
x-amz-meta-git_commit: fffd939
last-modified: Sun, 14 Aug 2022 22:12:07 GMT
server: AmazonS3
etag: "cf8c5f76a9a2d0c16a217a523c395867"
x-amz-version-id: CvIGzBdSh0drjoF3UcGMs4UTpumKHI9x
via: 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: fBJenJrEkL9LHVv-s2x--MhjNa1aVzEmP3tn2RZNqCBeAlhq9v8Rlw==

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 66 B
358 B 131ms
55ms XHR
application/json 18.215.137.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=LIVINGLY&sv_domain=www4.pictures.gi.zimbio.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183777-124724527666383.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.215.137.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-215-137-188.compute-1.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 60184032d9a6ae7b3ca2e846475104477e57b3b834807c21a636becae23cf554

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www4.pictures.gi.zimbio.com
date: Mon, 15 Aug 2022 07:23:05 GMT
access-control-allow-credentials: true
server: nginx/1.20.2
content-length: 66
vary: Origin
content-type: application/json

GET
H2 204 identity Show response
api.rlcdn.com/api/ 0
288 B 116ms
49ms XHR
text/plain 34.120.155.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183777-124724527666383.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.155.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
via: 1.1 google
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
553 B 93ms
28ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183777
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183777-124724527666383.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 6e331b26fb1c52b5f167241b66fafd30c782aba893ab729c01d23d3004c7a82a

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Wed, 14 Sep 2022 07:23:05 GMT

GET
H2 200 pxid Show response
f234822c-0aae-41ce-8843-23538710f825.prmutv.co/v2.0/ 12 B
235 B 166ms
97ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f234822c-0aae-41ce-8843-23538710f825.prmutv.co/v2.0/pxid?k=8f441d46-cc28-4cc8-89d0-6246e7d256e5
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
via: 1.1 google

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
709 B 91ms
28ms XHR
application/json 68.67.160.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:05 GMT
X-Proxy-Origin: 96.9.249.36; 96.9.249.36; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 278aa951-e79e-4d6b-b4e2-e7fe0ffa9d99
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www4.pictures.gi.zimbio.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 f234822c-0aae-41ce-8843-23538710f825-models.bin Show response
cdn.permutive.com/models/v2/ 6 KB
5 KB 178ms
137ms XHR
application/x-binary 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/f234822c-0aae-41ce-8843-23538710f825-models.bin
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe58290ccf0a3b060609375304772106060dc8e39c13aab82372e5c683302bdb

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
content-encoding: gzip
cf-cache-status: MISS
x-goog-meta-oid: f234822c-0aae-41ce-8843-23538710f825
x-guploader-uploadid: ADPycdulWDrNhr8xp4F7Nw5-PnyCRtYs8DbZrZAGrayEz1HwCIHRMHpOGWWiUE8p7s_vmizz4PLRZMfEP2BIHSxsAVRV
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/x-binary
content-length: 4842
last-modified: Mon, 15 Aug 2022 06:03:44 GMT
server: cloudflare
etag: "41acc51c74f926b013817838ce2adc46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=+Bw+WQ==, md5=QazFHHT5JrATgXg4zircRg==
x-goog-generation: 1660543424958282
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 4842
accept-ranges: bytes
cf-ray: 73b02ecf9a1f8cc6-EWR
expires: Mon, 15 Aug 2022 07:23:05 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 282 B
402 B 144ms
99ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=8f441d46-cc28-4cc8-89d0-6246e7d256e5
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 2ee46859435664a3d7dc374970512bf46030795f7d434a2b1d94637255485041

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
via: 1.1 google

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 370 B
281 B 145ms
100ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=8f441d46-cc28-4cc8-89d0-6246e7d256e5
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e54a35dbb5f93ab6953f8c681e596855b0d4fb5d682d3e345039afc09d511100

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216
via: 1.1 google

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
594 B 81ms
22ms Fetch
application/json 99.84.37.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-59.ewr52.r.cloudfront.net
Software: /
Resource Hash: 8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 23:02:45 GMT
via: 1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront), 1.1 8f8a44665236c177df56aa58b84d84de.cloudfront.net (CloudFront)
age: 30020
x-amzn-requestid: 2e9fa99f-88c1-4f1d-83b4-90d0f3954f2b
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62f97f15-4e6c2ed54ee1cf67160bf3f9;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: JFK50-P3, EWR52-C4
x-amz-apigw-id: W4DLVHi-DoEFzpA=
content-length: 30
x-amz-cf-id: BAAT08XrpVGpR711t53hbSMuxJbSzNDtQaaz5ImlUah1ZD9ZWDjLQw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

POST
H3 204 AGSKWxV0I8tUCGn2w-Fzs2-Y7M9PVDNYlIYj3fM18HKkypdSEpCOcbE9ZaItcvU2yL-0XpahRJe92ehZfdsQijzK89o= Show response
fundingchoicesmessages.google.com/el/ 0
29 B 177ms
135ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV0I8tUCGn2w-Fzs2-Y7M9PVDNYlIYj3fM18HKkypdSEpCOcbE9ZaItcvU2yL-0XpahRJe92ehZfdsQijzK89o=?pvid=1DDF083C-48AC-43B2-85DE-C0837CAAE2EB

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FELwXMIDU1E.es5.O/d=1/rs=AJlcJMzWMXYoMNSqfj48m4yBKIB8PA6y3w/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-97DrvtgQrLFMIoCAFCO9NA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-97DrvtgQrLFMIoCAFCO9NA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-97DrvtgQrLFMIoCAFCO9NA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-97DrvtgQrLFMIoCAFCO9NA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxV0I8tUCGn2w-Fzs2-Y7M9PVDNYlIYj3fM18HKkypdSEpCOcbE9ZaItcvU2yL-0XpahRJe92ehZfdsQijzK89o= Show response
fundingchoicesmessages.google.com/el/ 0
29 B 86ms
44ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV0I8tUCGn2w-Fzs2-Y7M9PVDNYlIYj3fM18HKkypdSEpCOcbE9ZaItcvU2yL-0XpahRJe92ehZfdsQijzK89o=?pvid=1DDF083C-48AC-43B2-85DE-C0837CAAE2EB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WeJOuG_GHjnB0_hSu7CVLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-WeJOuG_GHjnB0_hSu7CVLA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-WeJOuG_GHjnB0_hSu7CVLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-WeJOuG_GHjnB0_hSu7CVLA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWJ-rcQSfvCFsOxqzRhut8mgN2oWlwul0ESHFS5wUPF-qtvswSdmOGQR1FCjTY0-Pw5RN16LOBy98at1cjQiys= Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 118ms
77ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWJ-rcQSfvCFsOxqzRhut8mgN2oWlwul0ESHFS5wUPF-qtvswSdmOGQR1FCjTY0-Pw5RN16LOBy98at1cjQiys=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYwNTQ4MTg1LDU0MzAwMDAwMF0sIjFEREYwODNDLTQ4QUMtNDNCMi04NURFLUMwODM3Q0FBRTJFQiIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3NC5waWN0dXJlcy5naS56aW1iaW8uY29tLyIsbnVsbCxbXV0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

92309f8b06d58d570dd12b8d177a9eef8d3d9a729aa8dc13585a282ad52c2ef2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VvzngHtXZdxPYT9U6uubBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-VvzngHtXZdxPYT9U6uubBg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-VvzngHtXZdxPYT9U6uubBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-VvzngHtXZdxPYT9U6uubBg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 07:23:05 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
341 B 329ms
108ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31532338.ip-162-19-138.eu
Software: /
Resource Hash: 605dade1794be6eb322044d9c0b8e2a4d3b5fa35f8cd17b6527e50b1f2ab6a6b

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www4.pictures.gi.zimbio.com
date: Mon, 15 Aug 2022 07:23:05 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
BLOB 200
OK 75db5ae9-b45c-493f-b37c-64e4e83747ec
https://www4.pictures.gi.zimbio.com/ 364 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www4.pictures.gi.zimbio.com/75db5ae9-b45c-493f-b37c-64e4e83747ec
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4137f5a9fe0192456283ebfd75081e73be2689f81524bd049b4b35deb426e60

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length: 372902

GET
BLOB 200
OK 489def5a-6644-4968-83de-8378d85d149a
https://www4.pictures.gi.zimbio.com/ 20 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www4.pictures.gi.zimbio.com/489def5a-6644-4968-83de-8378d85d149a
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80045b4f253d2d50c15b62d1e496abc579e1f340fce1049c1ff48880d27d1a84

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length: 20393

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 304 KB
86 KB 55ms
26ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=e6fead2c1713c72530c68dfc8bc77e77

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

06478633828130bc02d86eb9db34d7fd835828d2fbe92b5fe1e3e31c1836771e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
Origin: https://www4.pictures.gi.zimbio.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3K4eBqJ0Jyqm6nd/GYKXcA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87735
x-fb-rlafr: 0
x-fb-debug: rsjKlbfG5ot40tatEVT01af9X+Pgdc1Zdg8y5e9skwAdsnbfoCFTCrd0Gzrd2+Y7ef5ZKou8OAw+D+gIeRZ8Kg==
x-fb-content-md5: 40e691cc4c47d164534e84b4119f012d
x-frame-options: DENY
date: Mon, 15 Aug 2022 07:23:05 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "790d62ef0d250dd6c9373a56c973ec00"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Aug 2023 06:59:28 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6167726&c3=&cs_it=b3&cv=3.8.0.210223&ns__t=1660548185612&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=300&cs_cmp_sv=1&...
https://sb.scorecardresearch.com/b2?c1=2&c2=6167726&c3=&cs_it=b3&cv=3.8.0.210223&ns__t=1660548185612&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=300&cs_cmp_sv=1...

0
190 B

30ms
29ms

Image
text/plain

108.139.47.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6167726&c3=&cs_it=b3&cv=3.8.0.210223&ns__t=1660548185612&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=300&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&c8=Zimbio%20-%20Entertainment%20News%2C%20Celebrity%20News%2C%20Celebrity%20Photos%20%26%20Videos&c9=
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: H2
Server: 108.139.47.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-50.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
via: 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
x-amz-cf-id: 5yHcYe3yVR5TxU35kRfuzVhiANIItLzOWfeQ-yhr6jyyDSsKQSxlmA==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=6167726&c3=&cs_it=b3&cv=3.8.0.210223&ns__t=1660548185612&ns_c=UTF-8&gdpr=0&gdpr_p1t=&gdpr_li=&gdpr_purps=&gdpr_pcc=&cs_cmp_nc=0&cs_cmp_id=300&cs_cmp_sv=1&cs_cmp_rt=0&c7=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&c8=Zimbio%20-%20Entertainment%20News%2C%20Celebrity%20News%2C%20Celebrity%20Photos%20%26%20Videos&c9=
date: Mon, 15 Aug 2022 07:23:05 GMT
via: 1.1 fcf7ae9d0acd31cfede668ccef6e2ace.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
content-length: 0
x-amz-cf-id: uQdwGnr6PP0gHIYIc49UDELemjymdRC3Qzy2I6s_OVNxSpLIvqWbXw==
x-cache: Miss from cloudfront

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 5AB1 0
134 B 107ms
41ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5883134794133245
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.10 aiohttp/3.8.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
via: 1.1 google
server: Python/3.10 aiohttp/3.8.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
276 B 145ms
40ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=9.775531076831285
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 145ms
41ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=9.775531076831285
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 rules-p-124BfeS-bwiSE.js Show response
rules.quantcount.com/ 3 B
447 B 77ms
21ms Script
application/javascript 2600:9000:2140:1e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-124BfeS-bwiSE.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:1e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 11:03:38 GMT
via: 1.1 d4cdd862c8bc0148f37b685614031cf4.cloudfront.net (CloudFront)
age: 73168
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:42:18 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: EWR52-C1
accept-ranges: bytes
x-amz-cf-id: mSGkxSS2p9OtrkOmVYHlvv-Pn9woqU3mWwH9CDzhe5tfVKIBoEamow==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
449 B 89ms
34ms XHR
text/plain 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5369370-1&cid=1924194079.1660548186&jid=977558131&gjid=1534065526&_gid=1461715534.1660548186&_u=YGDAgEABAAAAAE~&z=1898173215

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 15 Aug 2022 07:23:05 GMT
content-type: text/plain
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 63ms
21ms Image
image/gif 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1514813951&t=pageview&_s=1&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&dp=%2F-domain%3AZimbio%2CpageType%3Ahomepage%2Ccategory%3AEntertainment%2Cgeo%3AES%2CtestName%3Aten_buckets%2CtestBucket%3AB%2Cpv%3A1%2Cchannel%3AHomepage%2Curl%3Ahttps%253A%252F%252Fwww4.pictures.gi.zimbio.com%252F%2C&ul=en-us&de=UTF-8&dt=Zimbio%20-%20Entertainment%20News%2C%20Celebrity%20News%2C%20Celebrity%20Photos%20%26%20Videos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEAB~&jid=977558131&gjid=1534065526&cid=1924194079.1660548186&tid=UA-5369370-1&_gid=1461715534.1660548186&cd1=B&cd2=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&cg1=homepage&z=57632599

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:23:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7176
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 62ms
20ms Image
image/gif 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1514813951&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&dp=%2F-domain%3AZimbio%2CpageType%3Ahomepage%2Ccategory%3AEntertainment%2Cgeo%3AES%2CtestName%3Aten_buckets%2CtestBucket%3AB%2Cpv%3A1%2Cchannel%3AHomepage%2Curl%3Ahttps%253A%252F%252Fwww4.pictures.gi.zimbio.com%252F%2C&ul=en-us&de=UTF-8&dt=Zimbio%20-%20Entertainment%20News%2C%20Celebrity%20News%2C%20Celebrity%20Photos%20%26%20Videos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad&ea=Blocked&el=false&ev=0&_u=YGDAgEABAAAAAE~&jid=&gjid=&cid=1924194079.1660548186&tid=UA-5369370-1&_gid=1461715534.1660548186&cd1=B&cd2=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&cg1=homepage&z=1849426059

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 05:23:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7176
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pxusr.gif
c.aaxads.com/ 43 B
206 B 21ms
20ms Image
image/gif 23.5.225.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/pxusr.gif

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.5.225.150 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

Apache /

Resource Hash

8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: image/gif
cache-control: max-age=938791
accept-ranges: bytes
content-length: 43
expires: Fri, 26 Aug 2022 04:09:36 GMT

GET
H/1.1 200
OK pxext.gif
www.aaxdetect.com/ 43 B
323 B 75ms
20ms Image
image/gif 23.5.229.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aaxdetect.com/pxext.gif
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.5.229.178 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-5-229-178.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:05 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=572620
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 21 Aug 2022 22:26:45 GMT

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
582 B 97ms
47ms XHR
text/plain 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=272693&u=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183777-124724527666383.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybQntLclsZrva5sKRK2I0FCWzrG9QImz7Q8YcWXUUHIww2d6rcvnkAri0D6wBC7CIskrHVK9gf6z7q6H9%2BPmVBz5eJHnl%2B5t8xwVC1KnCbAOfPXEea1ezOjzkF0Yp%2Bwa2jIfsZmaj3E%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 73b02ed10f118c47-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

POST
H2 200 / Show response
r.skimresources.com/api/ 150 B
383 B 102ms
39ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/105849X1563408.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

openresty/1.11.2.5 /

Resource Hash

7bc3eca53811405f06c976f25b2af11ed5d062833c41baad0ff219de98f2450d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 141ms
99ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=8f441d46-cc28-4cc8-89d0-6246e7d256e5
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 13c70c36d8a4fb2b9d6f8f7c66d261403effc96e0d1b8b6fed2bb5fbdce6fd4e

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
via: 1.1 google

GET
H3 200 790078967717692 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 55ms
26ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/790078967717692?v=2.9.75&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e81b941383b310f8cd48ef0c2aa53a0d1eeebb9eb7b9f7c6c5157aa7804e5ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85935
x-xss-protection: 0
pragma: public
x-fb-debug: 8N6FNBXM9mESanf66LFwuE9K+vqzEo1qZAXATAr/hziSk1KA5srsLdrW/uXcmMwtxyqWS14e5P2AoQ1/E+/tkg==
x-frame-options: DENY
date: Mon, 15 Aug 2022 07:23:05 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 87ms
38ms Image
image/gif 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5369370-1&cid=1924194079.1660548186&jid=977558131&_u=YGDAgEABAAAAAE~&z=339375741

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aacxs.php Show response
c.aaxads.com/ Frame F2DD 23 KB
9 KB 107ms
106ms Document
text/html 23.5.225.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Requested by

Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAXTRKO2C&hst=www4.pictures.gi.zimbio.com&ver=1.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.5.225.150 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Apache /

Resource Hash

824bf324b419b1c64e2f3fb790c7f117bf943ba5dfd4657ed78b05f83734ebd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8991
content-type: text/html; charset=UTF-8
date: Mon, 15 Aug 2022 07:23:05 GMT
expires: Wed, 17 Aug 2022 07:23:05 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

POST
H3 204 AGSKWxXXJNCsXjfDJfI6kTTjIWopT80vi6GcOkDGEnmUSfdZjP727WWAyS4NBoTBIwgJZxrKILDcGLWFMxb9Wr0JJGj8u29O2TF4jDFNG28VV8tRLeLdeFuCVUQSEBJ3rvEaE4pkCbF5Hg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 43ms
42ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXXJNCsXjfDJfI6kTTjIWopT80vi6GcOkDGEnmUSfdZjP727WWAyS4NBoTBIwgJZxrKILDcGLWFMxb9Wr0JJGj8u29O2TF4jDFNG28VV8tRLeLdeFuCVUQSEBJ3rvEaE4pkCbF5Hg==?pvid=1DDF083C-48AC-43B2-85DE-C0837CAAE2EB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oGH4eVSCFpkIwdqFfS0o_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-oGH4eVSCFpkIwdqFfS0o_A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-oGH4eVSCFpkIwdqFfS0o_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-oGH4eVSCFpkIwdqFfS0o_A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXXJNCsXjfDJfI6kTTjIWopT80vi6GcOkDGEnmUSfdZjP727WWAyS4NBoTBIwgJZxrKILDcGLWFMxb9Wr0JJGj8u29O2TF4jDFNG28VV8tRLeLdeFuCVUQSEBJ3rvEaE4pkCbF5Hg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 134ms
134ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6xjOmYMksjWaXLu4vx-uSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-6xjOmYMksjWaXLu4vx-uSA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-6xjOmYMksjWaXLu4vx-uSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-6xjOmYMksjWaXLu4vx-uSA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 46ms
45ms Image
image/gif 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=0.5182354593190417

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vqffur6LRJrakv86FXgq6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-vqffur6LRJrakv86FXgq6A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-vqffur6LRJrakv86FXgq6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-vqffur6LRJrakv86FXgq6A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 07:23:05 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: image/gif
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 135ms
134ms Image
image/gif 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=9.898773213182832

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-UsDdX5F1tzRX_uTeIRfY-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-UsDdX5F1tzRX_uTeIRfY-w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-UsDdX5F1tzRX_uTeIRfY-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'nonce-UsDdX5F1tzRX_uTeIRfY-w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 07:23:06 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=587465339;labels=Entertainment;rf=0;a=p-124BfeS-bwiSE;url=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F;uht=2;fpan=1;fpa=P0-1545636349-1660548185929;pbc=;ns=0;ce=1;qjs=1;qv=ae608f52-20220808...
pixel.quantserve.com/ 35 B
372 B 30ms
29ms Image
image/gif 2620:116:800b:21:b08a:1dc5:659b:4055
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=587465339;labels=Entertainment;rf=0;a=p-124BfeS-bwiSE;url=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F;uht=2;fpan=1;fpa=P0-1545636349-1660548185929;pbc=;ns=0;ce=1;qjs=1;qv=ae608f52-20220808163238;cm=;gdpr=0;ref=;d=zimbio.com;dst=0;et=1660548185928;tzo=0;ogl=

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 log
l3.aaxads.com/ 35 B
194 B 21ms
20ms Image
image/gif 23.5.225.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=275&dgw=desktop&flg=AAXTRKO2C&fw=CHICAGO&ff=US&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=www4.pictures.gi.zimbio.com&vhuyqdph=ssp-serving-b56c95f45-ktthw&vyu=081112_422_081112_382_ssp&vf=IL&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001660548185700016112663405121&vvsDeExfnhw=CONTROL&oz=0&gdss=green&lwbshlg=6&vg=2&dgeg=0&qsd=0&jgsu=0&fvvwu=&wfi_fps=300&wfi_vwdwxv=loaded&wfi_sus=0000--0--0&vxf=0&wfi_dsl=1&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control&deg=2&fdeg=0&gdeg=2&ghqg=274&fhqg=43&hqg=66&gvwduw=44&fvwduw=43&vwduw=44&uhtxuo=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&nzui=
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.5.225.150 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-5-225-150.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:05 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 15 Aug 2022 07:23:05 GMT

POST
H/1.1 200 850.json Show response
id5-sync.com/g/v2/ 453 B
1 KB 339ms
111ms XHR
application/json 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/850.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

009537533316bf1108b98abbfd3dedb9e3dba317d3323121660838bd2862314a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8
transfer-encoding: chunked

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 92ms
37ms Fetch
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=137068566357971&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=e6fead2c1713c72530c68dfc8bc77e77

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 6qmF3h4GpOaTdr9y2CHKaj/FBRY/Jw22EuClpyhqDBizAMge542vrNqvPxjufkZ72oESBIkYHEh6a+lDnlLlpA==
fb-s: unknown
date: Mon, 15 Aug 2022 07:23:06 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 page Show response
t.skimresources.com/api/v2/ 22 B
43 B 66ms
43ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/105849X1563408.skimlinks.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.10 aiohttp/3.8.1 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.10 aiohttp/3.8.1
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

GET
H3 200 156461159114538 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 27ms
26ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/156461159114538?v=2.9.75&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4238b57f8971c4eff8d1219cca2e2ec7f17bd2658909ae9453902308ef5daddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85977
x-xss-protection: 0
pragma: public
x-fb-debug: kh2iD0JCOJzmfs8hXhqes7LhKaIQzfN7eSROHA+B6ZZ//UigUoIAHAAwytQnkqVIOobpw5sQsyuGLJzizyYQpw==
x-frame-options: DENY
date: Mon, 15 Aug 2022 07:23:05 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 segment Show response
api.permutive.com/adv/v2/ 14 B
28 B 146ms
103ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=8f441d46-cc28-4cc8-89d0-6246e7d256e5
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 15 Aug 2022 07:23:06 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ 44 B
339 B 28ms
27ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=PageView&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186016&sw=1600&sh=1200&v=2.9.75&r=stable&ec=0&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&tm=1&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 29ms
28ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=AddToWishlist&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186018&cd[content_name]=DT-ZM&cd[content_category]=abk-false&sw=1600&sh=1200&v=2.9.75&r=stable&ec=1&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&tm=1&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DA8E 15 KB
6 KB 71ms
20ms Document
text/html 69.192.109.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035497856634099000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05481860363035497856634099000V10%26ryvlg%3DPM_UID

Requested by

Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-109-53.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.aaxads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
cache-control: max-age=146198
content-encoding: gzip
content-length: 5549
content-type: text/html
date: Mon, 15 Aug 2022 07:23:06 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 16 Aug 2022 23:59:44 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 checksync.php Show response
hbx.media.net/ Frame 1F2E 26 KB
10 KB 111ms
41ms Document
text/html 96.17.64.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXTRKO2C&cmode=1&cv=35&prvid=97,175,237,251&gdpr=0&gdprconsent=1&usp_status=0&usp_consent=1&https=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-17-64-29.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c6426c6a410189eda6f856e11405c9eab376eea999a7e70b2880af2c2d06f811

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://c.aaxads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9577
content-type: text/html; charset=UTF-8
date: Mon, 15 Aug 2022 07:23:06 GMT
expires: Wed, 17 Aug 2022 07:23:06 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

POST
H3 204 AGSKWxUJh5WAa1lm9k8uVWe27hiQ-F67GdDhyssMGg2FhUMpwKt_QbrgxrEh4eEhNR9e4hG-UH-k9xZhqlVU5R2RRtEVu2GhlkZm4b5GugRvf3VUS6IM-GCh7iMXWF90rQfRVFRMVfYklg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 43ms
43ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJh5WAa1lm9k8uVWe27hiQ-F67GdDhyssMGg2FhUMpwKt_QbrgxrEh4eEhNR9e4hG-UH-k9xZhqlVU5R2RRtEVu2GhlkZm4b5GugRvf3VUS6IM-GCh7iMXWF90rQfRVFRMVfYklg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bx6f6T98-PATEbFv104OzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-bx6f6T98-PATEbFv104OzQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bx6f6T98-PATEbFv104OzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-bx6f6T98-PATEbFv104OzQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 66ms
34ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186070&cd[segment_id]=36649&sw=1600&sh=1200&v=2.9.75&r=stable&ec=2&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 67ms
35ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156461159114538&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186071&cd[segment_id]=36649&sw=1600&sh=1200&v=2.9.75&r=stable&ec=0&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 66ms
35ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186072&cd[segment_id]=76351&sw=1600&sh=1200&v=2.9.75&r=stable&ec=3&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 65ms
34ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156461159114538&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186073&cd[segment_id]=76351&sw=1600&sh=1200&v=2.9.75&r=stable&ec=1&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
580 B 106ms
32ms Image
image/gif 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2617205925237&event=PermutiveSegmentEntry&ed[segment_id]=%2276351%22

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.97794668.1660548186.3bc4cea5
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1258299676591203
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 55ms
26ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186074&cd[segment_id]=76354&sw=1600&sh=1200&v=2.9.75&r=stable&ec=4&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 57ms
28ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156461159114538&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186075&cd[segment_id]=76354&sw=1600&sh=1200&v=2.9.75&r=stable&ec=2&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
580 B 106ms
33ms Image
image/gif 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2617205925237&event=PermutiveSegmentEntry&ed[segment_id]=%2276354%22

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.97794668.1660548186.3bc4cea7
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1765340464692500
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 58ms
29ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186075&cd[segment_id]=79291&sw=1600&sh=1200&v=2.9.75&r=stable&ec=5&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 58ms
30ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156461159114538&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186076&cd[segment_id]=79291&sw=1600&sh=1200&v=2.9.75&r=stable&ec=3&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
578 B 106ms
34ms Image
image/gif 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2617205925237&event=PermutiveSegmentEntry&ed[segment_id]=%2279291%22

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.97794668.1660548186.3bc4cea9
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1642392779400330
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 60ms
32ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186077&cd[segment_id]=79368&sw=1600&sh=1200&v=2.9.75&r=stable&ec=6&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 61ms
33ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156461159114538&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186078&cd[segment_id]=79368&sw=1600&sh=1200&v=2.9.75&r=stable&ec=4&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
580 B 106ms
35ms Image
image/gif 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2617205925237&event=PermutiveSegmentEntry&ed[segment_id]=%2279368%22

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.97794668.1660548186.3bc4ceab
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1322532957980825
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 61ms
33ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186079&cd[segment_id]=80344&sw=1600&sh=1200&v=2.9.75&r=stable&ec=7&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 61ms
34ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156461159114538&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186080&cd[segment_id]=80344&sw=1600&sh=1200&v=2.9.75&r=stable&ec=5&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
579 B 106ms
36ms Image
image/gif 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2617205925237&event=PermutiveSegmentEntry&ed[segment_id]=%2280344%22

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.97794668.1660548186.3bc4cead
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 7810015530594063
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 56ms
30ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186081&cd[segment_id]=80500&sw=1600&sh=1200&v=2.9.75&r=stable&ec=8&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 57ms
31ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156461159114538&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186081&cd[segment_id]=80500&sw=1600&sh=1200&v=2.9.75&r=stable&ec=6&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
579 B 105ms
36ms Image
image/gif 104.77.220.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2617205925237&event=PermutiveSegmentEntry&ed[segment_id]=%2280500%22

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.77.220.247 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-77-220-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.97794668.1660548186.3bc4ceb0
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1410858748787626
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame DA8E 5 KB
6 KB 106ms
26ms Script
text/html 8.28.7.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=71448381&p=158984&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035497856634099000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05481860363035497856634099000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: d74c9a87018fde340db7a2239bb6f42b4b3dcda40d90f380fd303348e37ccaa0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 9676 4 KB
2 KB 72ms
22ms Document
text/html 51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXTRKO2C&cmode=1&cv=35&prvid=97,175,237,251&gdpr=0&gdprconsent=1&usp_status=0&usp_consent=1&https=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

a23-41-168-23.deploy.static.akamaitechnologies.com

Software

Resource Hash

8d4c8af4d7ce23e62beb1d8553c1f7fb80038e1f2632ed149b6827b98986f73f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://hbx.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1444
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2

200

cksync.php
contextual.media.net/ Frame 1F2E
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=32fafeeb-4f19-475f-8c8b-4ac2c7e9e700

45 B
616 B

159ms
61ms

Image
image/gif

23.41.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=32fafeeb-4f19-475f-8c8b-4ac2c7e9e700

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXTRKO2C&cmode=1&cv=35&prvid=97,175,237,251&gdpr=0&gdprconsent=1&usp_status=0&usp_consent=1&https=1

Protocol

Server

23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hbx.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Mon, 15 Aug 2022 07:23:06 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 15 Aug 2022 07:23:06 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:05 GMT
server: Kestrel
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=32fafeeb-4f19-475f-8c8b-4ac2c7e9e700
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1426977
content-length: 0
expires: Mon, 15 Aug 2022 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame 1F2E
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3035497866634089000V10
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3035497866634089000V10
https://contextual.media.net/cksync.php?type=mf&ovsid=b88a763f-29d9-4227-bc63-bc651295a12e&cs=1

45 B
465 B

64ms
63ms

Image
image/gif

23.41.168.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=mf&ovsid=b88a763f-29d9-4227-bc63-bc651295a12e&cs=1

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?&vsSync=1&cs=1&cid=AAXTRKO2C&cmode=1&cv=35&prvid=97,175,237,251&gdpr=0&gdprconsent=1&usp_status=0&usp_consent=1&https=1

Protocol

Server

23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-168-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hbx.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Mon, 15 Aug 2022 07:23:06 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 15 Aug 2022 07:23:06 GMT

Redirect headers

location: //contextual.media.net/cksync.php?type=mf&ovsid=b88a763f-29d9-4227-bc63-bc651295a12e&cs=1
date: Mon, 15 Aug 2022 07:23:06 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 962A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=4E523AC7-5B95-4170-AC06-670AE238C22F
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4E523AC7-5B95-4170-AC06-670AE238C22F

35 B
468 B

22ms
21ms

Document
image/gif

185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4E523AC7-5B95-4170-AC06-670AE238C22F

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035497856634099000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05481860363035497856634099000V10%26ryvlg%3DPM_UID

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Mon, 15 Aug 2022 07:23:06 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Mon, 15 Aug 2022 07:23:06 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=4E523AC7-5B95-4170-AC06-670AE238C22F
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 772C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yvn0WgAGjxk8egAK&gdpr=0&gdpr_consent=&_test=Yvn0WgAGjxk8egAK

1 B
239 B

49ms
22ms

Document
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yvn0WgAGjxk8egAK&gdpr=0&gdpr_consent=&_test=Yvn0WgAGjxk8egAK
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035497856634099000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05481860363035497856634099000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Mon, 15 Aug 2022 07:23:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Mon, 15 Aug 2022 07:23:06 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yvn0WgAGjxk8egAK&gdpr=0&gdpr_consent=&_test=Yvn0WgAGjxk8egAK
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-ewr18147-EWR
x-timer: S1660548186.341556,VS0,VE0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A6F3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c2da62f9-f45a-4d00-9071-fa464b6eee05&gdpr=0&gdpr_consent=

42 B
553 B

72ms
21ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c2da62f9-f45a-4d00-9071-fa464b6eee05&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035497856634099000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05481860363035497856634099000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 15 Aug 2022 07:23:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:23:06 GMT
Expires: Mon, 15 Aug 2022 07:23:05 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4475 c1dc35a master ord-pixel-x6 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c2da62f9-f45a-4d00-9071-fa464b6eee05&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 1200
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFWFJVN0Y4LWtBQUJHTjEtS3daUQ&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEXRU7F8-kAABGN1-KwZQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partne...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEXRU7F8-kAABGN1-KwZQ&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEXRU7F8-kAABGN1-KwZQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Cpm%26bee_sync_curr...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1223438846415919957
https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAEXRU7F8-kAABGN1-KwZQ&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1223438846415919957%26bee_sync_partners%3Dpm%26bee_sy...
https://match.prod.bidr.io/cookie-sync?userid=1223438846415919957&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEXRU7F8-kAABGN1-KwZQ

42 B
200 B

26ms
26ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEXRU7F8-kAABGN1-KwZQ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035497856634099000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05481860363035497856634099000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 15 Aug 2022 07:23:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 15 Aug 2022 07:23:07 GMT
Server: nginx
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEXRU7F8-kAABGN1-KwZQ
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 2644 0
222 B 154ms
28ms Document
image/gif 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035497856634099000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05481860363035497856634099000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 0
content-type: image/gif
date: Mon, 15 Aug 2022 07:23:05 GMT
p3p: policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server: a

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 448F 43 B
363 B 36ms
19ms Document
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 07:23:06 GMT
expires: Mon, 15 Aug 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 378291
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B46D
Redirect Chain

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=1b4fe2be-1c6b-11ed-ad86-7a1b3cd4bdb4

42 B
244 B

26ms
21ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=1b4fe2be-1c6b-11ed-ad86-7a1b3cd4bdb4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035497856634099000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05481860363035497856634099000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 15 Aug 2022 07:23:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:23:06 GMT
Expires: Thu, 23 Sep 2004 17:42:04 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=1b4fe2be-1c6b-11ed-ad86-7a1b3cd4bdb4
P3P: CP="NOI OTC OTP OUR NOR"
Pragma: no-cache
X-RealServer-NX: lga-delivery-10
server: Cowboy

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B4B9
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nUmTrFXsTwhN8Tg815BiKmAJ-SQ

42 B
204 B

49ms
23ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nUmTrFXsTwhN8Tg815BiKmAJ-SQ
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035497856634099000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05481860363035497856634099000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 15 Aug 2022 07:23:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Mon, 15 Aug 2022 07:23:06 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=nUmTrFXsTwhN8Tg815BiKmAJ-SQ

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2678
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1660548186384
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8869705596
https://sync.1rx.io/usersync/tradedesk/743c1b44-933e-4111-9ad8-0775ef5b3ede
https://sync.targeting.unrulymedia.com/csync/RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005

42 B
333 B

21ms
21ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035497856634099000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05481860363035497856634099000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 14 Aug 2022 18:44:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Type: text/html
Date: Mon, 15 Aug 2022 07:23:06 GMT
ETag: RXf3df65f69cae4077a4c51402bc8fa6dc005
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Transfer-Encoding: chunked

GET
H2

200

pbmtc.gif Show response
beacon.lynx.cognitivlabs.com/ Frame C79A
Redirect Chain

https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=b146772a-6b25-40c4-8133-7a36f87ff6dc&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=4E523AC7-5B95-4170-AC06-670AE238C22F

42 B
352 B

26ms
26ms

Document
image/gif

52.205.37.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=4E523AC7-5B95-4170-AC06-670AE238C22F
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035497856634099000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05481860363035497856634099000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.37.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-37-96.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 42
content-type: image/gif
date: Mon, 15 Aug 2022 07:23:06 GMT
server: Kestrel

Redirect headers

cache-control: no-store, no-cache, private
date: Mon, 15 Aug 2022 07:23:06 GMT
location: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=4E523AC7-5B95-4170-AC06-670AE238C22F
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D23A
Redirect Chain

https://ums.acuityplatform.com/tum?umid=6
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=686363760812

42 B
190 B

60ms
23ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=686363760812
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035497856634099000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05481860363035497856634099000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 15 Aug 2022 07:23:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Content-Length: 0
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=686363760812

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame F0D5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kcweKbNm1Onurg5&gdpr=0&gdpr_consent=

42 B
196 B

21ms
21ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kcweKbNm1Onurg5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035497856634099000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05481860363035497856634099000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 15 Aug 2022 07:23:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Mon, 15 Aug 2022 07:23:06 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:kcweKbNm1Onurg5&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-0d6d7081f21f144c8@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 38CA
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
420 B

80ms
79ms

Document
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035497856634099000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05481860363035497856634099000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 73b02ed4df6bd15f-BUF
content-length: 43
content-type: image/gif; charset=utf-8
date: Mon, 15 Aug 2022 07:23:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 73b02ed45f4dd15f-BUF
content-type: text/html
date: Mon, 15 Aug 2022 07:23:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 281

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 191E
Redirect Chain

https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7138345861768999502&uid=Q713834586176899...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7138345861768999502

42 B
220 B

21ms
21ms

Document
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7138345861768999502
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158984&userIdMacro=PM_UID&predirect=https%3A%2F%2Fc.aaxads.com%2Faacxc.php%3Ffv%3D1%26yvlg%3D3035497856634099000V10%26wbsh%3Dpba%26uhiXuo%3D%26ylg%3D05481860363035497856634099000V10%26ryvlg%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 15 Aug 2022 07:23:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: max-age=30583
Connection: keep-alive
Content-Length: 154
Content-Type: text/html
Date: Mon, 15 Aug 2022 07:23:06 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7138345861768999502
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: Apache/2.4.6 (CentOS)
Vary: Accept-Encoding
X-Powered-By: PHP/7.3.33

GET
H2 200 aacxc.php Show response
c.aaxads.com/ Frame 41AF 69 B
489 B 35ms
32ms Document
image/gif 23.5.225.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aacxc.php?fv=1&yvlg=3035497856634099000V10&wbsh=pba&uhiXuo=&ylg=05481860363035497856634099000V10&ryvlg=4E523AC7-5B95-4170-AC06-670AE238C22F

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.5.225.150 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-109-53.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2425b660230bb48d5acfa6dc31dc7d417c427523544e605e23272bb135c6b658

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 69
content-type: image/gif
date: Mon, 15 Aug 2022 07:23:06 GMT
expires: Mon, 15 Aug 2022 07:23:06 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=604800
x-mnet-hl2: E

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DA8E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TlI6x1uVQXCsBmcK4jjCLw%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TlI6x1uVQXCsBmcK4jjCLw%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

21ms
21ms

Image
text/html

69.192.109.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Requested by

Protocol

Server

69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
cache-control: max-age=146198
accept-ranges: bytes
content-type: text/html
content-length: 5549
x-xss-protection: 1; mode=block
expires: Tue, 16 Aug 2022 23:59:44 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

400

v2
usermatch.krxd.net/um/ Frame DA8E
Redirect Chain

https://idsync.rlcdn.com/420486.gif?partner_uid=4E523AC7-5B95-4170-AC06-670AE238C22F
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDRFNTIzQUM3LTVCOTUtNDE3MC1BQzA2LTY3MEFFMjM4QzIyRhAAGg0I2ujnlwYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=e609682ddd0ebcfad4baee4a92aff13e1505055cc987ccef0d224a7d7b1b214d791426b5417dce21&_=2
https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBlNjA5NjgyZGRkMGViY2ZhZDRiYWVlNGE5MmFmZjEzZTE1MDUwNTVjYzk4N2NjZWYwZDIyNGE3ZDdiMWIyMTRkNzkxNDI2YjU...
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBlNjA5NjgyZGRkMGViY2ZhZDRiYWVlNGE5MmFmZjEzZTE1MDUwNTVjYzk4N2NjZWYwZDIyNGE3ZDdiMWIyMTRkNzkxNDI2YjU0MTdkY2UyMRAAGgwI2ujnlwYSBAgCEABCAEoA&goog...
https://usermatch.krxd.net/um/v2?partner=liveramp_identity

20 B
20 B

125ms
25ms

Image
text/plain

52.20.189.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=liveramp_identity
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 52.20.189.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-189-152.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
x-age: 0
content-length: 20
content-type: text/plain; charset=utf-8
x-served-by: usermatch-a008-ash-prod.krxd.net
x-cache: MISS
x-cache-hits: 0

Redirect headers

date: Mon, 15 Aug 2022 07:23:06 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://usermatch.krxd.net/um/v2?partner=liveramp_identity
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame DA8E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=64a362f9-f45a-4200-ae14-20591adc6f4c

0
260 B

66ms
21ms

Image
text/plain

104.36.115.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=64a362f9-f45a-4200-ae14-20591adc6f4c
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 15 Aug 2022 07:23:06 GMT
Server: MT3 4475 c1dc35a master ord-pixel-x18 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=64a362f9-f45a-4200-ae14-20591adc6f4c
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 15 Aug 2022 07:23:05 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DA8E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEU1MjNBQzctNUI5NS00MTcwLUFDMDYtNjcwQUUyMzhDMjJG&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEU1MjNBQzctNUI5NS00MTcwLUFDMDYtNjcwQUUyMzhDMjJG&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

26ms
25ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DA8E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFehf2jubxdlCvRcgM0b2WM&google_cver=1

42 B
375 B

26ms
26ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFehf2jubxdlCvRcgM0b2WM&google_cver=1
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:04 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFehf2jubxdlCvRcgM0b2WM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DA8E
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:217E2E5E244E4FE38B8FED528A1D6A1E

42 B
438 B

97ms
26ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:217E2E5E244E4FE38B8FED528A1D6A1E
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Mon, 15 Aug 2022 07:23:06 GMT
x-content-type-options: nosniff
server: openresty
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:217E2E5E244E4FE38B8FED528A1D6A1E
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 14 Aug 2022 07:23:06 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DA8E
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2369653545561265028&gdpr=0&gdpr_consent=&us_privacy=

1 B
195 B

21ms
21ms

Image
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2369653545561265028&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2369653545561265028&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DA8E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=743c1b44-933e-4111-9ad8-0775ef5b3ede

42 B
278 B

111ms
24ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=743c1b44-933e-4111-9ad8-0775ef5b3ede
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=743c1b44-933e-4111-9ad8-0775ef5b3ede
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2 200 4E523AC7-5B95-4170-AC06-670AE238C22F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DA8E 43 B
993 B 135ms
30ms Image
image/gif 2600:1f18:4e9:5a01:dfd:3c13:bf50:83ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/4E523AC7-5B95-4170-AC06-670AE238C22F?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a01:dfd:3c13:bf50:83ba Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame DA8E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4E523AC7-5B95-4170-AC06-670AE238C22F&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Onad7gRE2uV5_JKAXaVw5zoWkX5dfL0-~A&gdpr=0&gdpr_consent=

0
128 B

22ms
21ms

Image
text/plain

104.36.115.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Onad7gRE2uV5_JKAXaVw5zoWkX5dfL0-~A&gdpr=0&gdpr_consent=
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:04 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Onad7gRE2uV5_JKAXaVw5zoWkX5dfL0-~A&gdpr=0&gdpr_consent=
date: Mon, 15 Aug 2022 07:23:06 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame DA8E 0
35 B 137ms
25ms Image
text/plain 54.243.180.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.243.180.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-180-156.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DA8E
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=febe0555-4cde-43e9-9e1e-e1fece164480&gdpr=0&gdpr_consent=

1 B
235 B

22ms
21ms

Image
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=febe0555-4cde-43e9-9e1e-e1fece164480&gdpr=0&gdpr_consent=
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=febe0555-4cde-43e9-9e1e-e1fece164480&gdpr=0&gdpr_consent=
Date: Mon, 15 Aug 2022 07:23:06 GMT
X-CI-RTID: ea19c938-01e8-451c-87b3-148be2b106cc
Connection: keep-alive
Content-Length: 205
Content-Type: text/html; charset=utf-8

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DA8E
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=4E523AC7-5B95-4170-AC06-670AE238C22F&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=30755c5d64f41844&is_secure=true&networkId=17100&version=1&nuid=4E523AC7-5B95-4170-AC06-670AE238C22F&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGcTF9XcVXzQN7aUh9AAAAAAA&expiration=1660634586&nuid=4E523AC7-5B95-4170-AC06-670AE238C22F&...

42 B
265 B

21ms
21ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGcTF9XcVXzQN7aUh9AAAAAAA&expiration=1660634586&nuid=4E523AC7-5B95-4170-AC06-670AE238C22F&is_secure=true&gdpr_consent=&gdpr=0
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGcTF9XcVXzQN7aUh9AAAAAAA&expiration=1660634586&nuid=4E523AC7-5B95-4170-AC06-670AE238C22F&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DA8E
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4399279868920492754&gdpr=0&gdpr_consent=

42 B
243 B

27ms
27ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4399279868920492754&gdpr=0&gdpr_consent=
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:06 GMT
X-Proxy-Origin: 96.9.249.36; 96.9.249.36; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 00cc36f1-4d9a-43b5-bdbf-f07b778aef15
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4399279868920492754&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DA8E
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=B4_jNFeJsDQc2LJuUNuoO1SKvT8cj7NvU4UJWAmQ

42 B
340 B

27ms
26ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=B4_jNFeJsDQc2LJuUNuoO1SKvT8cj7NvU4UJWAmQ
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=B4_jNFeJsDQc2LJuUNuoO1SKvT8cj7NvU4UJWAmQ
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DA8E
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=65f8d0f6-f316-42e3-b077-5daeb722f7fa-62f9f45a-5553&gdpr=0&gdpr_consent=

42 B
217 B

25ms
25ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=65f8d0f6-f316-42e3-b077-5daeb722f7fa-62f9f45a-5553&gdpr=0&gdpr_consent=
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=65f8d0f6-f316-42e3-b077-5daeb722f7fa-62f9f45a-5553&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DA8E
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=8069c585-162d-407f-bfa0-ba35b11c7aae
https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&ssp_uuid=8069c585-162d-407f-bfa0-ba35b11c7aae
https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=pubmatic&user_id=0151ccce-1edf-431c-b839-7d7a8a8f6c08
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8069c585-162d-407f-bfa0-ba35b11c7aae&gdpr=&gdpr_consent=&gdpr_pd=

1 B
368 B

22ms
21ms

Image
text/html

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8069c585-162d-407f-bfa0-ba35b11c7aae&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8069c585-162d-407f-bfa0-ba35b11c7aae&gdpr=&gdpr_consent=&gdpr_pd=
Date: Mon, 15 Aug 2022 07:23:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

sn.ashx
pmp.mxptint.net/ Frame DA8E
Redirect Chain

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B331_F4A3D0E4_71E619ED&r=https://pmp.mxptint.net/sn.ashx?ak=1
https://pmp.mxptint.net/sn.ashx?ak=1

43 B
266 B

58ms
58ms

Image
image/gif

204.2.255.233
NTT-LTD-2914

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pmp.mxptint.net/sn.ashx?ak=1

Requested by

Protocol

HTTP/1.1

Server

204.2.255.233 Fort Lauderdale, United States, ASN2914 (NTT-LTD-2914, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=-343534986; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:06 GMT
Cache-Control: no-cache
Expires: -1
Content-Length: 43
Strict-Transport-Security: max-age=-343534986; includeSubDomains
Content-Type: image/gif

Redirect headers

location: https://pmp.mxptint.net/sn.ashx?ak=1
date: Mon, 15 Aug 2022 07:23:06 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DA8E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4214309458317605686

42 B
298 B

21ms
21ms

Image
image/gif

104.36.115.109
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4214309458317605686
Requested by: Host: c.aaxads.com
URL: https://c.aaxads.com/aacxs.php?flg=AAXTRKO2C&fv=1&fy=37&ke=1&suylg=3012%2C241%2C229%2C291%2C271%2C272%2C251%2C330%2C108%2C209%2C292%2C265%2C267%2C3007%2C97%2C89%2C282%2C356&yvVbqf=1&uhiXuo=&gdpr=0&gdprconsent=1&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Server: 104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 19:30:46 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4214309458317605686
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET pubmatic
sync.resetdigital.co/csync/ Frame DA8E 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame 9676
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=b14a62f9-f45a-4e00-bf0a-9beda717122b&gdpr=1&gdpr_consent=

0
291 B

21ms
21ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=b14a62f9-f45a-4e00-bf0a-9beda717122b&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Mon, 15 Aug 2022 07:23:06 GMT
Server: MT3 4475 c1dc35a master ord-pixel-x49 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://onetag-sys.com/match/?int_id=1&uid=b14a62f9-f45a-4e00-bf0a-9beda717122b&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 15 Aug 2022 07:23:05 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 9676 0
239 B 436ms
98ms Image
image/gif 213.19.162.80
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.80 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: d0cea2fb47f5ddedaddf61763f0aedb4
Content-Type: image/gif

GET
H2

200

/
onetag-sys.com/match/ Frame 9676
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4399279868920492754

0
291 B

21ms
21ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4399279868920492754

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:06 GMT
X-Proxy-Origin: 96.9.249.36; 96.9.249.36; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 80acfd0f-ad32-4b86-b861-771ed0d8426a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=4399279868920492754
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 9676 42 B
774 B 167ms
28ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=ghpD77esdJGpv9AewU3d6moNPrfB0n13LN-sc9PZSBg
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: a414d61fde5a538d1bc5c621aec59518
Content-Type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9676
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgqBigLOJDHoOEFiYNArW0647es1ZEpRv3w
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgqBigLOJDHoOEFiYNArW0647es1ZEpRv3w&google_tc=

170 B
188 B

84ms
38ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgqBigLOJDHoOEFiYNArW0647es1ZEpRv3w&google_tc=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgqBigLOJDHoOEFiYNArW0647es1ZEpRv3w&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame 9676 0
75 B 396ms
51ms Image
text/plain 199.187.193.179
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.179 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9676
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ghpD77esdJGpv9AewU3d6moNPrfB0n13LN-sc9PZSBg

43 B
556 B

125ms
31ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ghpD77esdJGpv9AewU3d6moNPrfB0n13LN-sc9PZSBg

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: X1CSYCQYJ40F6DNAJ1JK
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=ghpD77esdJGpv9AewU3d6moNPrfB0n13LN-sc9PZSBg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame 9676 0
42 B 132ms
25ms Image
text/plain 8.28.7.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 9676
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc=
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEF91wrhlnBY36s1vZJgwSEU&google_cver=1

0
291 B

22ms
21ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEF91wrhlnBY36s1vZJgwSEU&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEF91wrhlnBY36s1vZJgwSEU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 9676
Redirect Chain

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=6b210a46ea891222&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGcYxwbyQwrANWjoqmAAAAAAA&expiration=1660634586&is_secure=true

0
291 B

21ms
21ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGcYxwbyQwrANWjoqmAAAAAAA&expiration=1660634586&is_secure=true

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ec2-54-175-87-114.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGcYxwbyQwrANWjoqmAAAAAAA&expiration=1660634586&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame 9676 0
15 B 143ms
37ms Image
text/plain 54.175.87.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame 9676
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=743c1b44-933e-4111-9ad8-0775ef5b3ede&gdpr=0&gdpr_consent=

0
291 B

21ms
21ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=743c1b44-933e-4111-9ad8-0775ef5b3ede&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

a96-17-64-29.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/match/?int_id=29&uid=743c1b44-933e-4111-9ad8-0775ef5b3ede&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 233

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 9676 43 B
235 B 156ms
37ms Image
image/gif 35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 cksync.php
hbx.media.net/ Frame 9676 45 B
470 B 56ms
48ms Image
image/gif 96.17.64.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hbx.media.net/cksync.php?cs=1&type=ot&ovsid=ghpD77esdJGpv9AewU3d6moNPrfB0n13LN-sc9PZSBg

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5d49f482552c9b6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Mon, 15 Aug 2022 07:23:06 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H/1.1

200

9.gif
id5-sync.com/c/850/441/0/
Redirect Chain

https://id5-sync.com/i/850/8.gif?id5id=ID5*ug4sCQRPlXNZQe0giZeMURgGuXHHq183pKhw71jt3oEe43yFPFK9n3PSd3LlJcO2&o=api&gdpr_consent=undefined&gdpr=false
https://ib.adnxs.com/getuid?https://id5-sync.com/c/850/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/850/2/7/2.gif?puid=4399279868920492754&gdpr=0&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO5An0NbkHjGZp0e0X-EDYNyftPnFE7hGpuKu_xw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F3%2F6%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
https://id5-sync.com/c/850/3/6/3.gif?puid=b14a62f9-f45a-4e00-bf0a-9beda717122b&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=743c1b44-933e-4111-9ad8-0775ef5b3ede&ttl=%%TTL%%
https://match.prod.bidr.io/cookie-sync/id5
https://id5-sync.com/k/155.gif?id5AccountNum=155&numCascadesAllowed=9&puid=AAEXRU7F8-kAABGN1-KwZQ
https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F796%2F3%2F6.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
https://id5-sync.com/c/850/796/3/6.gif?puid=febe0555-4cde-43e9-9e1e-e1fece164480&gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/850/429/2/7.gif?puid=4E523AC7-5B95-4170-AC06-670AE238C22F&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F434%2F1%2F8.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
https://id5-sync.com/c/850/434/1/8.gif?puid=f7910f0d-3c22-4322-a537-fd9e2c48f4d4&gdpr=0&gdpr_consent=
https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F850%2F441%2F0%2F9.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
https://id5-sync.com/c/850/441/0/9.gif?puid=u_34909710-7515-442a-b8cf-529e12e8aae1&gdpr=0&gdpr_consent=

43 B
2 KB

114ms
111ms

Image
image/gif

141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/850/441/0/9.gif?puid=u_34909710-7515-442a-b8cf-529e12e8aae1&gdpr=0&gdpr_consent=

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

HTTP/1.1

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:07 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/c/850/441/0/9.gif?puid=u_34909710-7515-442a-b8cf-529e12e8aae1&gdpr=0&gdpr_consent=
date: Mon, 15 Aug 2022 07:23:08 GMT
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 667 B
1 KB 249ms
248ms XHR
text/javascript 143.204.150.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3234&u=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&pid=3K8Aui9NrOo2c&cb=0&ws=1600x1200&v=22.8.42053&t=300&slots=%5B%7B%22sd%22%3A%22topMREC%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F1028834%2FZM%2FZM_DT_Top_300x250%22%7D%2C%7B%22sd%22%3A%22pushdown%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1028834%2FZM%2FZM_DT_Subnav_970x90%22%7D%5D&pj=%7B%22bucket%22%3A%5B%22B%22%5D%7D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*ug4sCQRPlXNZQe0giZeMURgGuXHHq183pKhw71jt3oEe43yFPFK9n3PSd3LlJcO2%22%2C%22pubcommon%22%3A%22fae40493-0b07-412d-8904-aafee314dd77%22%2C%22audigent%22%3A%22060fg7fcdlebbd8a8h8fi68bi6fafj9hkdloq2oil1mggk4e4s4ou04gu0oeow6sz%22%7D%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.150.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-150-76.ewr52.r.cloudfront.net

Software

Server /

Resource Hash

f2624fb4a09adf44ff4e2759d5f990df691b927906e82fe071af5224dcd71df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
via: 1.1 0d3bc0372b2119705524079214a98b3e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: EWR52-C2
x-amz-rid: Y1RF40DAC7D1HV9PVQ4Z
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 667
x-amz-cf-id: de0Uvn6B7c9anvmwIMNlYLxD2aFqIGfHD8s_JQ1bnrd4dAz5Al5AuA==

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
938 B 75ms
27ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 584593
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5yQgvvz1igj32o4xPe528iM6HXceV%2BSKDU3ZWL8ymOS%2FyDO93VBkNosvmeNA9viYWl9vYdkij335XHFQ1ZGxAZGOBJrxjAaseynUdF5qmRHlvHeyyE2eWw0nQklFkhxdvd4dJeAFb0rmtGG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 73b02ed528ff1971-EWR

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 7 KB
5 KB 320ms
272ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=168880&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221d58b6bb7fbddd%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F%3FprtCat%3D%26permutive%3D36649%252C37275%252C37276%252C37283%252C72138%252C73225%252C74190%252C74645%252C76000%252C76002%252C76351%252C76354%252C79291%252C79368%252C80344%252C80500%252C81210%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.1%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22743c1b44-933e-4111-9ad8-0775ef5b3ede%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-08-15T07%3A23%3A05%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221a9c6ac245f3b%22%2C%22ext%22%3A%7B%22siteID%22%3A168880%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223932f42b870488%22%2C%22ext%22%3A%7B%22siteID%22%3A176681%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224c4a8f89a37283%22%2C%22ext%22%3A%7B%22siteID%22%3A176682%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2250c124ab72bb6c%22%2C%22ext%22%3A%7B%22siteID%22%3A168881%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%226896fcc83aa35e%22%2C%22ext%22%3A%7B%22siteID%22%3A168787%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7335c29db7f3dfedee0dd944076ab0c0de24cfc8b0b546427dcb810c33919d9

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rNKeQxnVPqKsrJkdKK%2BG0X%2Fjz9ueTDNYlsY6WfhIHmHIlLb9a9wtecNdyNRYAAcqhnQpjUFNJgBdCDytRHUqu2jQTE%2FnNM2NKgLBrSiodzHPX3CnTdtJYbYZ4yGOM651HYlfWlg"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 73b02ed53931c452-EWR
expires: 0

GET
H2 200 arj Show response
livingly-d.openx.net/w/1.0/ 174 B
599 B 138ms
68ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://livingly-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c40466d5-1070-4251-a960-12ad047f45a8%2C21eb76d3-0aa4-4ad8-91c4-7205044f2f72%2Cf06899f0-ef24-446d-8272-542b19f89e45%2Ce6f7dd6b-d57e-4efe-8e55-c15a8c869857%2C2fcc33b1-916b-4d09-a877-6aff9215b016%2Cad953de0-f56e-4b3f-a6be-77febecc0660&nocache=1660548186380&aus=300x250%7C300x600%7C160x600%7C970x90%7C970x250%7C728x90&divids=topMREC_300x250%2CtopMREC_300x600%2CtopMREC_160x600%2Cpushdown_970x90%2Cpushdown_970x250%2Cpushdown_728x90&aucs=%2C%2C%2C%2C%2C&auid=538037185%2C540655006%2C540655005%2C538037187%2C540288701%2C540288707&tps=YnVja2V0PWI%3D%2CYnVja2V0PWI%3D%2CYnVja2V0PWI%3D%2CYnVja2V0PWI%3D%2CYnVja2V0PWI%3D%2CYnVja2V0PWI%3D&aumfs=100%2C100%2C100%2C100%2C3000%2C100
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3d2d39021d8da7e7eeda95f6dcf0e405d44ad9545fcd27fdedca13d4fdaeddd

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK hb Show response
sofia.trustx.org/ 2 B
321 B 144ms
40ms XHR
application/json 35.211.168.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://sofia.trustx.org/hb?pt=net&auids=7594%2C7595%2C7596%2C7591%2C7592%2C7593&sizes=300x250%2C300x600%2C160x600%2C970x90%2C970x250%2C728x90&r=149b6d8ea27d31&wrapperType=Prebid_js&wrapperVersion=4.43.1&keywords=%5B%7B%22key%22%3A%22prtCat%22%2C%22value%22%3A%5B%5D%7D%2C%7B%22key%22%3A%22permutive%22%2C%22value%22%3A%5B%2236649%22%2C%2237275%22%2C%2237276%22%2C%2237283%22%2C%2272138%22%2C%2273225%22%2C%2274190%22%2C%2274645%22%2C%2276000%22%2C%2276002%22%2C%2276351%22%2C%2276354%22%2C%2279291%22%2C%2279368%22%2C%2280344%22%2C%2280500%22%2C%2281210%22%5D%7D%5D&u=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&wtimeout=3000
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.168.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 07:23:06 GMT
Server: nginx
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 2

POST
H2 200 cdb Show response
bidder.criteo.com/ 4 KB
3 KB 104ms
51ms XHR
application/json 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.1&cb=74398077147

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

bidder.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

619203f0da5c9b50efdf80dc8455507ba3f1663c7a03422c9f8636be90a1aab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:05 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2541

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
516 B 253ms
172ms XHR
application/json 3.221.230.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.1&referrer=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&tmax=3000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.221.230.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-221-230-178.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
accept-ch: sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 369 B
2 KB 203ms
100ms XHR
application/json 2602:803:c002:200::114
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9178&site_id=116876&zone_id=550460%3B550458&size_id=15%3B2&alt_size_ids=9%2C10%3B55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&tg_v.permutive=36649%2C37275%2C37276%2C37283%2C72138%2C73225%2C74190%2C74645%2C76000%2C76002%2C76351%2C76354%2C79291%2C79368%2C80344%2C80500%2C81210&tg_i.bucket=B&tg_i.pv=1&tk_flint=pbjs_lite_v4.43.1&x_source.tid=583bfdd8-c0d6-499d-8033-c9b8c79a96ba%3B35a2a669-c3b5-436e-a30c-9c46c8f51e65&p_screen_res=1600x1200&rp_floor=0.11&rp_secure=1&rp_maxbids=1&slots=2&rand=0.9903047694279188
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c002:200::114 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 02d8ec3f4f630ab5973ea5a54cfebf7d388792d7269a237dd1a41d9300b0cc89

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:06 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www4.pictures.gi.zimbio.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 369
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
378 B 118ms
38ms XHR
application/json 35.211.165.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.165.199 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 199.165.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: deb327c5fd4cdccc49cbb8c5316bc6f1ccfac9b421ea41add0d16bcf4086543e

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 07:23:06 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 728 B
1 KB 294ms
293ms XHR
application/json 68.67.160.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b0c8e67606ba4c93a5f41dbe336d63e6e35d0d23cfd2114d3bed2e3d29e282f3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 07:23:06 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.249.36; 96.9.249.36; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7f3fe46f-aa95-4f51-9514-42c745764358
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www4.pictures.gi.zimbio.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
662 B 239ms
142ms XHR
application/json 52.71.142.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%222a0dd549-2953-4b44-b54b-e4da3bddc99e%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A3000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1660548186391%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2241e883a459ed17c%22%3A%22_pNHlshZ5ok%22%2C%224229dcea7513475%22%3A%22_qeVlAfyexV%22%7D%2C%22bidSizes%22%3A%7B%2241e883a459ed17c%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%2C%224229dcea7513475%22%3A%5B%5B970%2C90%5D%2C%5B970%2C250%5D%2C%5B728%2C90%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_pNHlshZ5ok%22%7D%2C%22userId%22%3A%22%22%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22topMREC%22%2C%22transactionId%22%3A%22583bfdd8-c0d6-499d-8033-c9b8c79a96ba%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%2C%5B160%2C600%5D%5D%2C%22bidId%22%3A%2241e883a459ed17c%22%2C%22bidderRequestId%22%3A%2240fbd6e411c755d%22%2C%22auctionId%22%3A%22736deaec-f704-464f-a9df-e6031b5f0396%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_qeVlAfyexV%22%7D%2C%22userId%22%3A%22%22%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B970%2C250%5D%2C%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22pushdown%22%2C%22transactionId%22%3A%2235a2a669-c3b5-436e-a30c-9c46c8f51e65%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B970%2C250%5D%2C%5B728%2C90%5D%5D%2C%22bidId%22%3A%224229dcea7513475%22%2C%22bidderRequestId%22%3A%2240fbd6e411c755d%22%2C%22auctionId%22%3A%22736deaec-f704-464f-a9df-e6031b5f0396%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.142.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-142-187.compute-1.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www4.pictures.gi.zimbio.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 26
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 4 KB
2 KB 196ms
141ms XHR
application/json 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 7d298c4477ad85c265e59c98cae512e92eaf282e7d0794afa0a4fa7eaae84295

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
content-encoding: gzip
x-openrtb-version: 2.3
content-type: application/json
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1934

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 157ms
115ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txa3aa7d5550dc46989b523-0062f18bf9
cf-ray: 73b02ed5cb9e8c51-EWR
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-id-2: txa3aa7d5550dc46989b523-0062f18bf9
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqUSchOfEqIVsHmjvYIN3o77ZLEkJ4AsJWPb1qgioy0NvORFKgI8MedSg9jBXRk%2FZhEBl%2Fg5OPhRdN8SP%2FUqU92zKi6WWkEe7YZZ0ufS76Ln600sKILvGg5HO%2B3PoR9ZcANddb56EKdxXUZT"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1652176651393042
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript
access-control-allow-headers: Authorization

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 27ms
25ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=790078967717692&ev=Microdata&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186518&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5CnZimbio%20-%20Entertainment%20News%2C%20Celebrity%20News%2C%20Celebrity%20Photos%20%26%20Videos%5Cn%22%2C%22meta%3Akeywords%22%3A%22Zimbio%2C%20Pictures%2C%20Entertainment%2C%20Style%2C%20Current%20Events%2C%20People%2C%20Celebrities%2C%20Videos%22%2C%22meta%3Adescription%22%3A%22Entertainment%20news%2C%20the%20largest%20celebrity%20photo%20collection%2C%20movies%2C%20TV%2C%20music%20%26%20polls%20for%20the%20pop%20culture%20obsessed.%22%7D&cd[OpenGraph]=%7B%22twitter%3Aaccount_id%22%3A%2218090418%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22https%3A%2F%2Fwww.zimbio.com%22%2C%22name%22%3A%22Zimbio%22%2C%22logo%22%3A%22https%3A%2F%2Fwww.zimbio.com%2Fimages%2Flogo_Zimbio_Main_v06816.png%22%7D%5D&sw=1600&sh=1200&v=2.9.75&r=stable&ec=9&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 26ms
26ms Image
image/gif 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=156461159114538&ev=Microdata&dl=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&rl=&if=false&ts=1660548186572&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5CnZimbio%20-%20Entertainment%20News%2C%20Celebrity%20News%2C%20Celebrity%20Photos%20%26%20Videos%5Cn%22%2C%22meta%3Akeywords%22%3A%22Zimbio%2C%20Pictures%2C%20Entertainment%2C%20Style%2C%20Current%20Events%2C%20People%2C%20Celebrities%2C%20Videos%22%2C%22meta%3Adescription%22%3A%22Entertainment%20news%2C%20the%20largest%20celebrity%20photo%20collection%2C%20movies%2C%20TV%2C%20music%20%26%20polls%20for%20the%20pop%20culture%20obsessed.%22%7D&cd[OpenGraph]=%7B%22twitter%3Aaccount_id%22%3A%2218090418%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22https%3A%2F%2Fwww.zimbio.com%22%2C%22name%22%3A%22Zimbio%22%2C%22logo%22%3A%22https%3A%2F%2Fwww.zimbio.com%2Fimages%2Flogo_Zimbio_Main_v06816.png%22%7D%5D&sw=1600&sh=1200&v=2.9.75&r=stable&ec=7&o=30&fbp=fb.1.1660548186015.38411260&it=1660548185750&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 15 Aug 2022 07:23:06 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 1 KB
429 B 115ms
115ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=8f441d46-cc28-4cc8-89d0-6246e7d256e5
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: db34c4b46dfe8aad611fab1a7143d50ea6a5770aabcd202024f1426cd6ce727b

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
content-encoding: gzip
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 411
via: 1.1 google

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 214A
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&dcc=t

370 B
1 KB

50ms
50ms

Document
text/html

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&dcc=t

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

803c204ec6d407c61d744e71e2f03c52fe66fd60f6ff6906e3efd8e0b02413ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 370
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 15 Aug 2022 07:23:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 0SA6P48KEH8DNTJEX1PA

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 15 Aug 2022 07:23:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&dcc=t
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 8VK6MS6VRK609SWHTDFN

GET
H2 204 beacon.gif
www4.pictures.gi.zimbio.com/ 0
158 B 94ms
94ms Image
text/plain 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.gi.zimbio.com/beacon.gif?x=%7B%22event%22%3A%22generic%22%2C%22v%22%3A%222.0%22%2C%22url%22%3A%22https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F%22%2C%22path%22%3A%22%2F%22%2C%22q%22%3A%22%22%2C%22id%22%3A%22GVQUXF3TYF368617775694753490%22%2C%22plat%22%3A%22desktop%22%2C%22page%22%3A%22homepage%22%2C%22camp%22%3A%22%22%2C%22dev%22%3A%22%22%2C%22pv%22%3A1%2C%22sid%22%3A%22GVQUXF3TYF3%22%2C%22src%22%3A%22othr%22%2C%22buck%22%3A%22B%22%2C%22seo%22%3A%22G%22%2C%22auth%22%3A%22%22%2C%22guid%22%3A%22%22%2C%22category%22%3A%22Prebird%22%2C%22action%22%3A%22Prebird.getBidsTiming%22%2C%22label%22%3A%22topMREC%2Cpushdown%22%2C%22value%22%3A346%7D

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time: 72091
date: Mon, 15 Aug 2022 07:23:06 GMT
via: 1.1 varnish, 1.1 varnish
server: nginx/1.4.6 (Ubuntu)
x-timer: S1660548187.719687,VS0,VE72
x-served-by: cache-bfi-krnt7300092-BFI, cache-ewr18128-EWR
strict-transport-security: max-age=31557600
x-cache: MISS, MISS
cache-control: max-age=0
x-cache-hits: 0, 0
accept-ranges: bytes
expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H3 200 gam_ads. Show response
fundingchoicesmessages.google.com/f/AGSKWxXY4VJ7psTdvNqJh07J8Dj6Nrt8GjdpZzUayI8Guzl6Npy49KWF0PYfl-ip88QEd-xJzxRNXF9RFqqDygLXhCxYaggyAwQo58zv6m2jcukJ0pgKid3epdyIq11VEpPCabfV5dw9u_vqEfkbHlSilucFehdAV... 54 B
110 B 55ms
54ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXY4VJ7psTdvNqJh07J8Dj6Nrt8GjdpZzUayI8Guzl6Npy49KWF0PYfl-ip88QEd-xJzxRNXF9RFqqDygLXhCxYaggyAwQo58zv6m2jcukJ0pgKid3epdyIq11VEpPCabfV5dw9u_vqEfkbHlSilucFehdAVZlDUStN899Su1pl1vrlTsZQY6OovxMP/_/adpop32./advrotator./advert35./pubmatic_/gam_ads.

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81e2e1ddcc09af64dd228910e398e466a18eeff338997914104e4ca6636400d4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gBzhX_pfzAJL_oBvUw2drg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gBzhX_pfzAJL_oBvUw2drg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-gBzhX_pfzAJL_oBvUw2drg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gBzhX_pfzAJL_oBvUw2drg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 07:23:06 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 150 B
653 B 85ms
22ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40b236f82ab80f86a107f3f515f08efd59e273ef9120c58ef6f1f92c5a59676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 149
x-xss-protection: 0
server: cafe
etag: 8503686451332090603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 15 Aug 2022 08:05:29 GMT

POST
H3 204 AGSKWxUJh5WAa1lm9k8uVWe27hiQ-F67GdDhyssMGg2FhUMpwKt_QbrgxrEh4eEhNR9e4hG-UH-k9xZhqlVU5R2RRtEVu2GhlkZm4b5GugRvf3VUS6IM-GCh7iMXWF90rQfRVFRMVfYklg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 43ms
43ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJh5WAa1lm9k8uVWe27hiQ-F67GdDhyssMGg2FhUMpwKt_QbrgxrEh4eEhNR9e4hG-UH-k9xZhqlVU5R2RRtEVu2GhlkZm4b5GugRvf3VUS6IM-GCh7iMXWF90rQfRVFRMVfYklg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wwtr1Z4F96CsX9LF37bjSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wwtr1Z4F96CsX9LF37bjSw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-wwtr1Z4F96CsX9LF37bjSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-wwtr1Z4F96CsX9LF37bjSw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame C94D 4 KB
4 KB 32ms
32ms Document
text/html 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

e8b2ea66149fc497dc283c609121e520c4c282d5de702ff527e036fb4814763e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 3810
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 15 Aug 2022 07:23:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: PGR6SBNJE3PPERBW8H62

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 87ms
37ms Script
application/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www4.pictures.gi.zimbio.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 07:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
20 KB 593ms
592ms XHR
text/plain 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=274754485560892&correlator=3979205438390620&eid=31068830%2C44761478%2C44770638&output=ldjh&gdfp_req=1&vrg=2022080901&ptt=17&impl=fifs&gdpr=0&iu_parts=1028834%2CZM%2CZM_DT_Top_300x250%2CZM_DT_Subnav_970x90&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x600%2C970x90%7C970x250%7C728x90&ifi=1&adks=3452758204%2C2700933493&sfv=1-0-38&fsapi=false&prev_scp=refresh%3D1%26amznbid%3Dr26f4%26amznp%3Dw1z40%26amzniid%3DIwux6NQlgCk8vkLnkmVozu0AAAGCoGKB3gEAAAyiAQAslhny%26amznsz%3D300x600%26hb_pb_criteo%3D0.98%26hb_adid_criteo%3D50ce35a71b893b8%26hb_size_criteo%3D300x600%26hb_crid_criteo%3D22bcba60c4b092a%26MaxBid%3D0098%26size%3D300x600%26relLift%3D99%26FloorAdX%3D0095%26adxtestboost%3D0%26floors%3Dgoog2%2Crobin1%26DealGroup%3D2%26impId%3DGVQUXF3TYF371354578772555750%7Crefresh%3D1%26amznbid%3D2%26amznp%3D2%26MaxBid%3D0000%26size%3D0x0%26relLift%3D0%26FloorAdX%3D0005%26adxtestboost%3D0%26floors%3Dgoog2%2Crobin1%2Cmbp%26DealGroup%3D0%26impId%3DGVQUXF3TYF388180172105508980&eri=1&cust_params=permutive%3D36649%252C37275%252C37276%252C37283%252C72138%252C73225%252C74190%252C74645%252C76000%252C76002%252C76351%252C76354%252C79291%252C79368%252C80344%252C80500%252C81210%252Crts%26Domain%3DZimbio%26Category%3DEnt%26Channel%3DHomepage%26PV%3D001%26Source%3Dothr%26Media_Type%3DHomepage%26Tester%3DB%26Rcode%3DZM_Orgc%26puid%3D3f86dc11-51f7-4b4f-befd-c63993a4b1de%26ptime%3D1660548185490%26stack%3Dprebird%26consentGDPR%3Dtrue%26sid%3DGVQUXF3TYF3&sc=1&cookie_enabled=1&abxe=1&dt=1660548186744&lmt=1660547691&dlt=1660548184595&idt=823&adxs=975%2C315&adys=697%2C65&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&frm=20&vis=1&psz=300x250%7C1600x4890&msz=300x250%7C1600x90&fws=0%2C4&ohw=0%2C1600&ga_vid=1924194079.1660548186&ga_sid=1660548187&ga_hid=1514813951&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a69-192-109-53.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

eda8a965a77ae99e6c246a261f7f4ce202ab9132f53b9c71a4573ffa2c6f2989

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19992
x-xss-protection: 0
google-lineitem-id: 4734894853,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138238613185,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fa34edbd71c50261eddab1c7cb641f44.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 314E 6 KB
4 KB 121ms
40ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fa34edbd71c50261eddab1c7cb641f44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 07:23:06 GMT
expires: Tue, 15 Aug 2023 07:23:06 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C94D
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D?gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=8069c585-162d-407f-bfa0-ba35b11c7aae

43 B
556 B

87ms
32ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=8069c585-162d-407f-bfa0-ba35b11c7aae

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 0M4MP57QVW665JCKD1RJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=8069c585-162d-407f-bfa0-ba35b11c7aae
Date: Mon, 15 Aug 2022 07:23:06 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C94D
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=545dc243

43 B
556 B

43ms
33ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=545dc243

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8A9ZG75GXS8995W7T990
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 15 Aug 2022 07:23:06 GMT
via: 1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR52-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=545dc243
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: uoRadOHoEp2VFoFuC-FHwjUpnIDZ-Xh_zP50WEWBcqqvRvt0J5PtiQ==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C94D
Redirect Chain

https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0
https://s.amazon-adsystem.com/ecm3?id=217E2E5E244E4FE38B8FED528A1D6A1E&ex=simpli.fi&status=ok

43 B
556 B

33ms
33ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=217E2E5E244E4FE38B8FED528A1D6A1E&ex=simpli.fi&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Y68K98FTH52KV4R2HVPF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 15 Aug 2022 07:23:06 GMT
x-content-type-options: nosniff
server: openresty
location: https://s.amazon-adsystem.com/ecm3?id=217E2E5E244E4FE38B8FED528A1D6A1E&ex=simpli.fi&status=ok
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 14 Aug 2022 07:23:06 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C94D
Redirect Chain

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID&gdpr=0
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1h...
https://cs.emxdgt.com/umcheck?apnxid=4399279868920492754&redirect=https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=$EMXUID&b64_redirect=aHR0cHM6Ly9zLmFtYXpvbi1hZHN5c3RlbS5jb20vZWNtMz9leD1icmV...
https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=4399279868920492754brt56841660548186860521b4

43 B
556 B

34ms
33ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=4399279868920492754brt56841660548186860521b4

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: WKX0R7Q0WBNS9605ESEY
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=brealtime.com&id=4399279868920492754brt56841660548186860521b4
date: Mon, 15 Aug 2022 07:23:06 GMT
content-length: 0
content-type: text/html

GET
H2 200 amzns2s Show response
rtb.gumgum.com/usync/ Frame A7C3 4 KB
2 KB 93ms
27ms Document
text/html 52.5.153.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.5.153.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-5-153-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3b59c78d4b060c8b66f4af4916b7dbe34524b0415761d4fc4bd3e32c524dab6c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 15 Aug 2022 07:23:06 GMT
etag: W/"090c70ee9755bd3b44ac8d8fb679e9ad4"
server: nginx
timing-allow-origin: *

GET
H2

200

usermatch Show response
r.casalemedia.com/ Frame 17F9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1

2 KB
2 KB

90ms
39ms

Document
text/html

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 808b4e21ff49db5b210edb80120171c17bf622d17bf105f179c35aa5e877a1b0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 73b02ed85a2fc466-EWR
content-encoding: br
content-type: text/html
date: Mon, 15 Aug 2022 07:23:06 GMT
dropped-udsids: 45|39|230|241|13|11|109|46
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhYFWjJygr9dUKIqbs6y%2BArhmiPMLF%2BfRgQG0f0Y9Cw%2BaMXhRw9OiEltgWhRumnnb72W8hCohW5zgrOKyIJE0pBmsvXvqL0WDDC45b%2F5RmsTiXIQ9LGvv6pIWwx%2B8JHSbYXZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 73b02ed7acc719e7-EWR
content-type: text/html; charset=iso-8859-1
date: Mon, 15 Aug 2022 07:23:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
location: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B72UlS1z%2F5SEppze20TDaynVJZRecmDW9cGP95i3j%2B%2Fd9NT%2FTbX53DeOJLVIzoKVO5QhJD3uH%2FbzppCOM5Gyqhnrj8L8aPTGE6AiAh3c7ysljczoWS6HqPxIgIfB1kLkwP7mGxw2K1mTCA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200 syncb Show response
sync.bfmio.com/ Frame 61B8 818 B
1 KB 129ms
25ms Document
text/html 52.3.216.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bfmio.com/syncb?pid=137&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.216.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-216-106.compute-1.amazonaws.com
Software: /
Resource Hash: fcb3c11f4efa03357a0eeedd718e730927b8990492c8fec4683f74b67c20ae53

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 818
Content-Type: text/html
Date: Mon, 15 Aug 2022 07:23:06 GMT

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame 3EEE 682 B
2 KB 167ms
68ms Document
text/html 69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

b1c24d842b4182d6e0efbaa0fa82ba742a1940fb936892d8afac9f6001fced82

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, private
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 15 Aug 2022 07:23:06 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Server: sonobi-go
Tcn: Choice
Transfer-Encoding: chunked
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-28
X-Xss-Protection: 0

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame 8FDC 722 B
770 B 38ms
29ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: ea39a4155ead92f68b216754294b67bfbb7decd47adf6b8b441dc2a5e62f0a83

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 459
content-type: text/html
date: Mon, 15 Aug 2022 07:23:06 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame A947
Redirect Chain

https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3147201397473729423&gdpr=0&gdpr_consent=

43 B
556 B

32ms
32ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3147201397473729423&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:23:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: BNNPGTBF81S9G41TS4SJ

Redirect headers

content-length: 0
date: Mon, 15 Aug 2022 07:23:06 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=3147201397473729423&gdpr=0&gdpr_consent=

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 9C66
Redirect Chain

https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7989deae155a1223&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&...
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAEhpBFk-JtygNF8B6hAAAAAAA&expiration=1660634586&is_secure=true&gdpr=0

43 B
556 B

65ms
31ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAEhpBFk-JtygNF8B6hAAAAAAA&expiration=1660634586&is_secure=true&gdpr=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:23:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: BEC624R7BMQQRM9525Q0

Redirect headers

cache-control: no-cache, private, max-age=0, no-store
content-length: 0
date: Mon, 15 Aug 2022 07:23:06 GMT
expires: 0
location: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAEhpBFk-JtygNF8B6hAAAAAAA&expiration=1660634586&is_secure=true&gdpr=0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma: no-cache
server: nginx

GET
H2 200 / Show response
match.sharethrough.com/jwumXNuB/v1/ Frame BFD9 427 B
612 B 121ms
25ms Document
text/html 34.206.186.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.186.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-186-180.compute-1.amazonaws.com
Software: /
Resource Hash: bbdca3fb429814a8ef4ef9f47adc70d51cbe065f360817423b752c976bcac2f6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 427
date: Mon, 15 Aug 2022 07:23:06 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C625 15 KB
6 KB 22ms
21ms Document
text/html 69.192.109.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
cache-control: max-age=146198
content-encoding: gzip
content-length: 5549
content-type: text/html
date: Mon, 15 Aug 2022 07:23:06 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 16 Aug 2022 23:59:44 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame B997 281 B
573 B 81ms
22ms Document
text/html 23.73.244.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-244-44.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 15 Aug 2022 07:23:06 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 1BFF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1EaHBjWnhsRTJ1SkhLY2dIV1BJSnlaN3hPZmZRUXFhQ35B&gdpr=0&gdpr_consent=

43 B
556 B

45ms
32ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1EaHBjWnhsRTJ1SkhLY2dIV1BJSnlaN3hPZmZRUXFhQ35B&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:23:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: XMRBYMXDRCW8W82YDYPA

Redirect headers

age: 0
content-length: 0
date: Mon, 15 Aug 2022 07:23:06 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1EaHBjWnhsRTJ1SkhLY2dIV1BJSnlaN3hPZmZRUXFhQ35B&gdpr=0&gdpr_consent=
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.0.46
strict-transport-security: max-age=31536000

GET
H/1.1

200
OK

amazon Show response
ap.lijit.com/beacon/ Frame FBA7
Redirect Chain

https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1

1 KB
2 KB

23ms
22ms

Document
text/html

23.92.190.74
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_bf_snb_ox-db5_smrt_cnv_n-smaato_n-sharethrough_pm-db5_n-simpli.fi_rbd_n-emx_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.92.190.74 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 9ac1639220df760d3ed676443d2dac335380c17b6ebf9fb43aea02e84588afb5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length: 1167
Content-Type: text/html
Date: Mon, 15 Aug 2022 07:23:06 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap4ewr1

Redirect headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length: 0
Date: Mon, 15 Aug 2022 07:23:06 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Location: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap4ewr1

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 15C8
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=399382343906235679505

43 B
556 B

34ms
32ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=399382343906235679505

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:23:06 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid: AY9GH0GFDWAY6HEKK8EQ

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Mon, 15 Aug 2022 07:23:06 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=399382343906235679505
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H3 204 AGSKWxUJh5WAa1lm9k8uVWe27hiQ-F67GdDhyssMGg2FhUMpwKt_QbrgxrEh4eEhNR9e4hG-UH-k9xZhqlVU5R2RRtEVu2GhlkZm4b5GugRvf3VUS6IM-GCh7iMXWF90rQfRVFRMVfYklg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 54ms
53ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJh5WAa1lm9k8uVWe27hiQ-F67GdDhyssMGg2FhUMpwKt_QbrgxrEh4eEhNR9e4hG-UH-k9xZhqlVU5R2RRtEVu2GhlkZm4b5GugRvf3VUS6IM-GCh7iMXWF90rQfRVFRMVfYklg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OkCSQJP_pT0f0566rrkYAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-OkCSQJP_pT0f0566rrkYAg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-OkCSQJP_pT0f0566rrkYAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-OkCSQJP_pT0f0566rrkYAg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUJh5WAa1lm9k8uVWe27hiQ-F67GdDhyssMGg2FhUMpwKt_QbrgxrEh4eEhNR9e4hG-UH-k9xZhqlVU5R2RRtEVu2GhlkZm4b5GugRvf3VUS6IM-GCh7iMXWF90rQfRVFRMVfYklg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 124ms
124ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJh5WAa1lm9k8uVWe27hiQ-F67GdDhyssMGg2FhUMpwKt_QbrgxrEh4eEhNR9e4hG-UH-k9xZhqlVU5R2RRtEVu2GhlkZm4b5GugRvf3VUS6IM-GCh7iMXWF90rQfRVFRMVfYklg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PGvDKcio2CaO3Bk2WrRSbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-PGvDKcio2CaO3Bk2WrRSbw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PGvDKcio2CaO3Bk2WrRSbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-PGvDKcio2CaO3Bk2WrRSbw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUJh5WAa1lm9k8uVWe27hiQ-F67GdDhyssMGg2FhUMpwKt_QbrgxrEh4eEhNR9e4hG-UH-k9xZhqlVU5R2RRtEVu2GhlkZm4b5GugRvf3VUS6IM-GCh7iMXWF90rQfRVFRMVfYklg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 127ms
127ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJh5WAa1lm9k8uVWe27hiQ-F67GdDhyssMGg2FhUMpwKt_QbrgxrEh4eEhNR9e4hG-UH-k9xZhqlVU5R2RRtEVu2GhlkZm4b5GugRvf3VUS6IM-GCh7iMXWF90rQfRVFRMVfYklg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kRIFABi8clhGn5vBxcMthg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-kRIFABi8clhGn5vBxcMthg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kRIFABi8clhGn5vBxcMthg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-kRIFABi8clhGn5vBxcMthg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVq58Agze8wmIx5QwKpRN5Y-e-H0Kwvtvhyz6-D60z5fNr2yMFHNsBcM6tpkaN6s9xAhHABW06ktSjqOBruuECjSAeW90Sjek0KqEDBPAing1w5X8hXZgIxpj0JdQWH8TyGNhXk_Q== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 62ms
61ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVq58Agze8wmIx5QwKpRN5Y-e-H0Kwvtvhyz6-D60z5fNr2yMFHNsBcM6tpkaN6s9xAhHABW06ktSjqOBruuECjSAeW90Sjek0KqEDBPAing1w5X8hXZgIxpj0JdQWH8TyGNhXk_Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYwNTQ4MTg2LDgwMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3NC5waWN0dXJlcy5naS56aW1iaW8uY29tLyIsbnVsbCxbXV0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b13aaefbad31109f7c3c059b663c8859a7797d37d3d4089255e87ca35302233

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q-qXxURxQ4hnpQWXpJGT3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-q-qXxURxQ4hnpQWXpJGT3A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-q-qXxURxQ4hnpQWXpJGT3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-q-qXxURxQ4hnpQWXpJGT3A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Mon, 15 Aug 2022 07:23:06 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 8FDC 43 B
556 B 76ms
33ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=03d02ff1-af2b-852a-8b35-03948a8752c4

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: SVH3SCF20GH118DK1795
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8FDC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yvn0WgAGjxk8egAK

43 B
122 B

38ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yvn0WgAGjxk8egAK
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1660548187.835208,VS0,VE0
x-served-by: cache-ewr18147-EWR
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yvn0WgAGjxk8egAK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cfc135c8-232d-ac99-7aec-97f61de3546d
pr-bh.ybp.yahoo.com/sync/openx/ Frame 8FDC 43 B
992 B 31ms
29ms Image
image/gif 2600:1f18:4e9:5a01:dfd:3c13:bf50:83ba
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/cfc135c8-232d-ac99-7aec-97f61de3546d?gdpr=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a01:dfd:3c13:bf50:83ba Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8FDC
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=5b06538c-b381-3ed0-4b3b-8103e2b49924&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=743c1b44-933e-4111-9ad8-0775ef5b3ede&ttd_puid=5b06538c-b381-3ed0-4b3b-8103e2b49924&gdpr=0&gdpr_consent=

43 B
249 B

32ms
28ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=743c1b44-933e-4111-9ad8-0775ef5b3ede&ttd_puid=5b06538c-b381-3ed0-4b3b-8103e2b49924&gdpr=0&gdpr_consent=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=743c1b44-933e-4111-9ad8-0775ef5b3ede&ttd_puid=5b06538c-b381-3ed0-4b3b-8103e2b49924&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 335

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 8FDC 170 B
188 B 41ms
40ms Image
image/png 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Nzc2OTgwNDYtN2FmNi02MDc0LTVlZGItZGJiYTI4NTY1NzQ0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8FDC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOd_5WiLV8oZ3qaPYDYP69E&google_cver=1

43 B
106 B

30ms
29ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOd_5WiLV8oZ3qaPYDYP69E&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOd_5WiLV8oZ3qaPYDYP69E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B997 31 KB
10 KB 22ms
22ms Script
text/html 23.73.244.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-244-44.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 28a10ec7cb172ca7b3c233179d156c3f28bdef7894887f398b34cc6033ee5c98

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=32268
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9453
Expires: Mon, 15 Aug 2022 16:20:54 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A7C3
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=4399279868920492754

35 B
250 B

86ms
27ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=4399279868920492754
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:06 GMT
X-Proxy-Origin: 96.9.249.36; 96.9.249.36; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: 09b0b912-4cc0-4aad-982a-21477696387a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://usersync.gumgum.com/usersync?b=apn&i=4399279868920492754
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A7C3
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_34909710-7515-442a-b8cf-529e12e8aae1&gdpr=0&gdpr_consent=&us_privacy=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=53cdd606-493b-4a47-aaff-fd777b3060d5&ssp=gumgum2
https://usersync.gumgum.com/usersync?b=bsw&i=8069c585-162d-407f-bfa0-ba35b11c7aae

35 B
250 B

26ms
26ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=8069c585-162d-407f-bfa0-ba35b11c7aae
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: //usersync.gumgum.com/usersync?b=bsw&i=8069c585-162d-407f-bfa0-ba35b11c7aae
Date: Mon, 15 Aug 2022 07:23:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame A7C3
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28GxJvlekyVC0SUyWeOUfShxbTkz-AeVRVOoSCNckOMoVgBPdafGk_s8_nb16fLJYg%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_34909710-7515-442a-b8cf-529e12e8aae1&obuid=ENC(GxJvlekyVC0SUyWeOUfShxbTkz-AeVRVOoSCNckOMoVgBPdafGk_s8_nb16fLJYg)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DGxJvlekyVC0SUyWeOUfShxbTkz-AeVRVOoSCN...
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=da5a95f8-4477-483a-9a6a-1e9ead2728d1&obUid=GxJvlekyVC0SUyWeOUfShxbTkz-AeVRVOoSCNckOMoVgBPdafGk_s8_nb16fLJYg

0
145 B

20ms
20ms

Image
text/plain

64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=da5a95f8-4477-483a-9a6a-1e9ead2728d1&obUid=GxJvlekyVC0SUyWeOUfShxbTkz-AeVRVOoSCNckOMoVgBPdafGk_s8_nb16fLJYg
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 64.202.112.95 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:07 GMT
Cache-Control: no-cache
X-TraceId: fbecfdb2c2ae17fa53b57467a1827183
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=da5a95f8-4477-483a-9a6a-1e9ead2728d1&obUid=GxJvlekyVC0SUyWeOUfShxbTkz-AeVRVOoSCNckOMoVgBPdafGk_s8_nb16fLJYg
date: Mon, 15 Aug 2022 07:23:07 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A7C3
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=ac3bf7fc-9b94-0686-2c40-91ee2ae49862

35 B
250 B

107ms
29ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=ac3bf7fc-9b94-0686-2c40-91ee2ae49862
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

date: Mon, 15 Aug 2022 07:23:06 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://usersync.gumgum.com/usersync?b=opx&i=ac3bf7fc-9b94-0686-2c40-91ee2ae49862
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A7C3
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-9d4993ac-55ec-4f08-4df1-383cd790622a$ip$96.9.249.36

35 B
250 B

108ms
28ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-9d4993ac-55ec-4f08-4df1-383cd790622a$ip$96.9.249.36
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-9d4993ac-55ec-4f08-4df1-383cd790622a$ip$96.9.249.36
Date: Mon, 15 Aug 2022 07:23:06 GMT
Connection: keep-alive
Content-Length: 125
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A7C3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-Qlb5V2pE2pcNtZX_6HraYiM.ojbDmQFvOhS2~A

35 B
250 B

125ms
30ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-Qlb5V2pE2pcNtZX_6HraYiM.ojbDmQFvOhS2~A
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

date: Mon, 15 Aug 2022 07:23:06 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://usersync.gumgum.com/usersync?b=oth&i=y-Qlb5V2pE2pcNtZX_6HraYiM.ojbDmQFvOhS2~A
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A7C3
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
https://usersync.gumgum.com/usersync?b=vnt&i=febe0555-4cde-43e9-9e1e-e1fece164480

35 B
250 B

123ms
26ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=febe0555-4cde-43e9-9e1e-e1fece164480
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=febe0555-4cde-43e9-9e1e-e1fece164480
Date: Mon, 15 Aug 2022 07:23:06 GMT
X-CI-RTID: dc7f0aa9-bb55-420c-b480-11b51c367fc4
Connection: keep-alive
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A7C3
Redirect Chain

https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
https://usersync.gumgum.com/usersync?b=snc&i=595A92C807BD4B9D8958F7C79509FE27

35 B
250 B

90ms
27ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=snc&i=595A92C807BD4B9D8958F7C79509FE27
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

date: Mon, 15 Aug 2022 07:23:06 GMT
via: 1.1 varnish
server: nginx
age: 0
location: https://usersync.gumgum.com/usersync?b=snc&i=595A92C807BD4B9D8958F7C79509FE27
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 452170926
access-control-allow-origin: *
content-type: text/plain
content-length: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A7C3
Redirect Chain

https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
https://usersync.gumgum.com/usersync?b=dit&i=di_0f5dcccb93994be09a0a2

35 B
250 B

121ms
26ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=dit&i=di_0f5dcccb93994be09a0a2
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=dit&i=di_0f5dcccb93994be09a0a2
date: Mon, 15 Aug 2022 07:23:06 GMT
server: a
content-type: image/gif
content-length: 0
p3p: policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A7C3
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=u_34909710-7515-442a-b8cf-529e12e8aae1&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://stags.bluekai.com/site/23178?id=-qCzjeY4KNk7QUar7U_9&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2LLRIN5GUZKZGRFU42ZXKFKWC4RXKVPTS
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=-qCzjeY4KNk7QUar7U_9

35 B
250 B

27ms
26ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=-qCzjeY4KNk7QUar7U_9
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
P3p: CP="We do not support P3P header."
Location: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=-qCzjeY4KNk7QUar7U_9
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 103
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A7C3
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=da5a95f8-4477-483a-9a6a-1e9ead2728d1

35 B
250 B

27ms
26ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=da5a95f8-4477-483a-9a6a-1e9ead2728d1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=da5a95f8-4477-483a-9a6a-1e9ead2728d1
date: Mon, 15 Aug 2022 07:23:07 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005
sync.targeting.unrulymedia.com/csync/ Frame A7C3
Redirect Chain

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005&rndcb=4012877152
https://r.bidswitch.net/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=8069c585-162d-407f-bfa0-ba35b11c7aae
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=8069c585-162d-407f-bfa0-ba35b11c7aae&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3205&partner_device_id=8069c585-162d-407f-bfa0-ba35b11c7aae&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=bb6f26e7-c780-4c86-98d7-663bb503824b%252Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&ttd_puid=bb6f26e7-c780-4c86-98d7-663bb503824b%2Chttps%3A%2F%2Fx.bidswitch.net%2Fsync...
https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=adconductor&bsw_param=8069c585-162d-407f-bfa0-ba35b11c7aae
https://sync.1rx.io/usersync/bidswitch/8069c585-162d-407f-bfa0-ba35b11c7aae?gdpr=&gdpr_consent=
https://sync.targeting.unrulymedia.com/csync/RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005

43 B
435 B

27ms
27ms

Image
image/gif

199.127.204.142
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:08 GMT
Connection: keep-alive
Content-Length: 43
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:08 GMT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://sync.targeting.unrulymedia.com/csync/RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A7C3
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=oKcfcqjcKA90&ev=1&pid=558355

35 B
250 B

114ms
26ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=oKcfcqjcKA90&ev=1&pid=558355
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://usersync.gumgum.com/usersync?b=pln&i=oKcfcqjcKA90&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-674f655b67-75kdz
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame A7C3
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=4621261498042866653

35 B
250 B

31ms
26ms

Image
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=4621261498042866653
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=4621261498042866653
date: Mon, 15 Aug 2022 07:23:06 GMT
content-length: 0

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame A7C3 43 B
556 B 33ms
32ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_34909710-7515-442a-b8cf-529e12e8aae1

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 66TXR789T2TZPZV2ANP2
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 6963
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=b14a62f9-f45a-4e00-bf0a-9beda717122b&gdpr=0&gdpr_consent=

35 B
250 B

122ms
28ms

Document
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=b14a62f9-f45a-4e00-bf0a-9beda717122b&gdpr=0&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:23:07 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:23:06 GMT
Expires: Mon, 15 Aug 2022 07:23:05 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4475 c1dc35a master ord-pixel-x48 config:1.0.0
location: https://usersync.gumgum.com/usersync?b=mmh&i=b14a62f9-f45a-4e00-bf0a-9beda717122b&gdpr=0&gdpr_consent=

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame A963
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=atm&i=Yvn0WgAGjxk8egAK&gdpr=0&gdpr_consent=

35 B
250 B

126ms
27ms

Document
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=atm&i=Yvn0WgAGjxk8egAK&gdpr=0&gdpr_consent=
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:23:07 GMT
Expires: 0
Pragma: no-cache

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Mon, 15 Aug 2022 07:23:06 GMT
location: https://usersync.gumgum.com/usersync?b=atm&i=Yvn0WgAGjxk8egAK&gdpr=0&gdpr_consent=
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-ewr18147-EWR
x-timer: S1660548187.922128,VS0,VE0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame C042 170 B
188 B 38ms
37ms Document
image/png 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8zNDkwOTcxMC03NTE1LTQ0MmEtYjhjZi01MjllMTJlOGFhZTE=&gdpr=0&gdpr_consent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

a69-192-109-53.deploy.static.akamaitechnologies.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 07:23:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F9C9 15 KB
6 KB 22ms
21ms Document
text/html 69.192.109.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Requested by

Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.192.109.53 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: https://ci-va2qa-mgmt.pubmatic.com
cache-control: max-age=146198
content-encoding: gzip
content-length: 5549
content-type: text/html
date: Mon, 15 Aug 2022 07:23:06 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Tue, 16 Aug 2022 23:59:44 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 6A67
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=ttd&i=743c1b44-933e-4111-9ad8-0775ef5b3ede

35 B
250 B

120ms
31ms

Document
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=ttd&i=743c1b44-933e-4111-9ad8-0775ef5b3ede
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:23:07 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: private,no-cache, must-revalidate
content-length: 193
content-type: text/html
date: Mon, 15 Aug 2022 07:23:06 GMT
location: https://usersync.gumgum.com/usersync?b=ttd&i=743c1b44-933e-4111-9ad8-0775ef5b3ede
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 983C
Redirect Chain

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=emx&i=$UIDbrt56841660548186860521b4
https://usersync.gumgum.com/usersync?b=emx&i=4399279868920492754brt56841660548186860521b4

35 B
250 B

99ms
31ms

Document
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=emx&i=4399279868920492754brt56841660548186860521b4
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:23:07 GMT
Expires: 0
Pragma: no-cache

Redirect headers

AN-X-Request-Uuid: 30cae433-8620-48f6-bbc6-8926ac9c751a
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Mon, 15 Aug 2022 07:23:06 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://usersync.gumgum.com/usersync?b=emx&i=4399279868920492754brt56841660548186860521b4
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 96.9.249.36; 96.9.249.36; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 1768
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=Yvn0W8Co5sEAAOjY6VcAAAAA

35 B
250 B

27ms
26ms

Document
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=Yvn0W8Co5sEAAOjY6VcAAAAA
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:23:07 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Mon, 15 Aug 2022 07:23:07 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=Yvn0W8Co5sEAAOjY6VcAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 9
X-SO-Cluster-ID: 17
X-SO-HostName: a-ad40010.dc2p.scaleout.jp
X-SO-IP: 96.9.249.36
X-SO-Key: Yvn0W8Co5sEAAOjY6VcAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":17,"gdpr":false,"ipv4":"96.9.249.36","key":"Yvn0W8Co5sEAAOjY6VcAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40010"}
X-SO-LB-Hostname: a-tgng40003.dc2p.scaleout.jp
X-SO-Upstream-ID: a-ad40010

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 8DAF
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=9x9bLknQ2UfEQrEtmyeH&pi=gumgum&tc=1

35 B
250 B

27ms
27ms

Document
image/gif

3.213.224.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=9x9bLknQ2UfEQrEtmyeH&pi=gumgum&tc=1
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.213.224.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-224-199.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Mon, 15 Aug 2022 07:23:07 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Mon, 15 Aug 2022 07:23:07 GMT Mon, 15 Aug 2022 07:23:07 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=9x9bLknQ2UfEQrEtmyeH&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7672
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
573 B

22ms
22ms

Document
text/html

23.73.244.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-244-44.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 15 Aug 2022 07:23:07 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Unused62: 8096267
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 15 Aug 2022 07:23:06 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame FBA7 43 B
556 B 33ms
32ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=FJhbcPZH44uPPdqwTl29HFLd&ex=sovrn.com&gdpr=0&gdpr=0&gdpr_consent=

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZPXW1C22W4BEDV5GD033
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame FBA7
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=10&3pid=968625781017952823

43 B
859 B

51ms
21ms

Image
image/gif

72.251.238.254
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=10&3pid=968625781017952823
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol: HTTP/1.1
Server: 72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ewr1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: https://ce.lijit.com/merge?pid=10&3pid=968625781017952823
Date: Mon, 15 Aug 2022 07:23:07 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame FBA7
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=87&3pid=b88a763f-29d9-4227-bc63-bc651295a12e

43 B
877 B

72ms
22ms

Image
image/gif

72.251.238.254
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=87&3pid=b88a763f-29d9-4227-bc63-bc651295a12e
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol: HTTP/1.1
Server: 72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ewr1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location: //ce.lijit.com/merge?pid=87&3pid=b88a763f-29d9-4227-bc63-bc651295a12e
date: Mon, 15 Aug 2022 07:23:06 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame FBA7
Redirect Chain

https://um.simpli.fi/lj_match?r=1660548186874&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=2&3pid=217E2E5E244E4FE38B8FED528A1D6A1E

43 B
872 B

80ms
26ms

Image
image/gif

72.251.238.254
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=217E2E5E244E4FE38B8FED528A1D6A1E
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol: HTTP/1.1
Server: 72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ewr1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Mon, 15 Aug 2022 07:23:06 GMT
x-content-type-options: nosniff
server: openresty
location: https://ce.lijit.com/merge?pid=2&3pid=217E2E5E244E4FE38B8FED528A1D6A1E
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 14 Aug 2022 07:23:06 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FBA7
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RkpoYmNQWkg0NHVQUGRxd1RsMjlIRkxk&gdpr=0

170 B
188 B

38ms
36ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RkpoYmNQWkg0NHVQUGRxd1RsMjlIRkxk&gdpr=0

Requested by

Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1

Protocol

Server

142.250.65.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-143-204-150-76.ewr52.r.cloudfront.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 15 Aug 2022 07:23:06 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=RkpoYmNQWkg0NHVQUGRxd1RsMjlIRkxk&gdpr=0
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap4ewr1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame FBA7
Redirect Chain

https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=2W3dzYlrjs3COoyXjjmWwopog8bCbY2WjWd5hi-Y

43 B
881 B

73ms
21ms

Image
image/gif

72.251.238.254
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=2W3dzYlrjs3COoyXjjmWwopog8bCbY2WjWd5hi-Y
Requested by: Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol: HTTP/1.1
Server: 72.251.238.254 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1ewr1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=2W3dzYlrjs3COoyXjjmWwopog8bCbY2WjWd5hi-Y
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H3 204 AGSKWxXp0ErvMOOH4JHZyikLIJUUOYM9fw5RSQs8zxPWQMnDJZZwebcaGcb8h9zOQ1Mag96lxBeVHXUnFHjdC06_L9zmbVy1pngaVy1Pm4dfqi6rPt9w1B9W8Dt5FQTry2KGEkADLZC0xA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 44ms
43ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXp0ErvMOOH4JHZyikLIJUUOYM9fw5RSQs8zxPWQMnDJZZwebcaGcb8h9zOQ1Mag96lxBeVHXUnFHjdC06_L9zmbVy1pngaVy1Pm4dfqi6rPt9w1B9W8Dt5FQTry2KGEkADLZC0xA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VOScI2m5h7zCvE5-ixPElw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-VOScI2m5h7zCvE5-ixPElw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VOScI2m5h7zCvE5-ixPElw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-VOScI2m5h7zCvE5-ixPElw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXp0ErvMOOH4JHZyikLIJUUOYM9fw5RSQs8zxPWQMnDJZZwebcaGcb8h9zOQ1Mag96lxBeVHXUnFHjdC06_L9zmbVy1pngaVy1Pm4dfqi6rPt9w1B9W8Dt5FQTry2KGEkADLZC0xA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 131ms
131ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXp0ErvMOOH4JHZyikLIJUUOYM9fw5RSQs8zxPWQMnDJZZwebcaGcb8h9zOQ1Mag96lxBeVHXUnFHjdC06_L9zmbVy1pngaVy1Pm4dfqi6rPt9w1B9W8Dt5FQTry2KGEkADLZC0xA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JXEXK_6Z1qmkLe9dYoN6dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-JXEXK_6Z1qmkLe9dYoN6dg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:07 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-JXEXK_6Z1qmkLe9dYoN6dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-JXEXK_6Z1qmkLe9dYoN6dg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxW3ONBFJPbPRq2iiBZIHayspqCZhit4nBPhhMCyvP8ylQTTzlRPuUI70Qi1d8YBOAkYO3LIFNLNx5JlYwuRPZ42Td07nDvVd19Nn4V76tTLfm7K1kfrNeyiTpxh0jsV7yCQ9C8oTQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 58ms
57ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW3ONBFJPbPRq2iiBZIHayspqCZhit4nBPhhMCyvP8ylQTTzlRPuUI70Qi1d8YBOAkYO3LIFNLNx5JlYwuRPZ42Td07nDvVd19Nn4V76tTLfm7K1kfrNeyiTpxh0jsV7yCQ9C8oTQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYwNTQ4MTg2LDk0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiw5XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3c0LnBpY3R1cmVzLmdpLnppbWJpby5jb20vIixudWxsLFtdXQ

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d802d1aeef8734c48d0bccd2e52f7e560d0fb418a92df5ed22ab22c2794f6d4b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-h9YSzmr_RYRXuJt2zo8eEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-h9YSzmr_RYRXuJt2zo8eEg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-h9YSzmr_RYRXuJt2zo8eEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-h9YSzmr_RYRXuJt2zo8eEg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame BFD9 43 B
556 B 34ms
32ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=cfd1d650-5b63-4099-b07e-5b1316f807f9

Requested by

Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:06 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: JMWWMAPYERB4P4VMN61K
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame BFD9
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&gdpr=0&gdpr_consent=

68 B
279 B

26ms
26ms

Image
image/png

34.206.186.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 34.206.186.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-186-180.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:07 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H2

200

v1
match.sharethrough.com/sync/ Frame BFD9
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
https://b1sync.zemanta.com/usersync/sharethrough/
https://stags.bluekai.com/site/23178?id=-qCzjeY4KNk7QUar7U_9&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TD...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZZW65LSMNSV62LEHVQTOOJTGUZTANJYGE2GMODDGVSTE...
https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=-qCzjeY4KNk7QUar7U_9

68 B
279 B

25ms
25ms

Image
image/png

34.206.186.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=-qCzjeY4KNk7QUar7U_9
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 34.206.186.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-186-180.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:07 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
P3p: CP="We do not support P3P header."
Location: https://match.sharethrough.com/sync/v1?source_id=a7935305814f8c5e2a34ba54&source_user_id=-qCzjeY4KNk7QUar7U_9
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 136
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame BFD9
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&gdpr=0&gdpr_consent=

68 B
279 B

28ms
24ms

Image
image/png

34.206.186.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 34.206.186.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-186-180.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:07 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H2

200

v1
match.sharethrough.com/sync/ Frame BFD9
Redirect Chain

https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&gdpr=0&gdpr_consent=

68 B
279 B

29ms
25ms

Image
image/png

34.206.186.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&gdpr=0&gdpr_consent=
Requested by: Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol: H2
Server: 34.206.186.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-186-180.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:07 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 61B8
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
https://sync.bfmio.com/sync?pid=106&uid=743c1b44-933e-4111-9ad8-0775ef5b3ede

0
589 B

56ms
25ms

Image
text/plain

52.3.216.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=106&uid=743c1b44-933e-4111-9ad8-0775ef5b3ede
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137&gdpr=0
Protocol: HTTP/1.1
Server: 52.3.216.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-216-106.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 15 Aug 2022 07:23:06 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.bfmio.com/sync?pid=106&uid=743c1b44-933e-4111-9ad8-0775ef5b3ede
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 183

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 61B8
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=217E2E5E244E4FE38B8FED528A1D6A1E

0
421 B

26ms
26ms

Image
text/plain

52.3.216.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=217E2E5E244E4FE38B8FED528A1D6A1E
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137&gdpr=0
Protocol: HTTP/1.1
Server: 52.3.216.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-216-106.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 15 Aug 2022 07:23:06 GMT

Redirect headers

date: Mon, 15 Aug 2022 07:23:06 GMT
x-content-type-options: nosniff
server: openresty
location: https://sync.bfmio.com/sync?pid=141&uid=217E2E5E244E4FE38B8FED528A1D6A1E
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 14 Aug 2022 07:23:06 GMT

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 61B8
Redirect Chain

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=2953
https://sync.tidaltv.com/genericusersync.ashx?dpid=2953&s_h=1
https://sync.bfmio.com/sync?pid=102&uid=270db8e1-9279-4efe-829e-0985c7c4a911

0
421 B

26ms
26ms

Image
text/plain

52.3.216.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=102&uid=270db8e1-9279-4efe-829e-0985c7c4a911
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137&gdpr=0
Protocol: HTTP/1.1
Server: 52.3.216.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-216-106.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 15 Aug 2022 07:23:06 GMT

Redirect headers

location: https://sync.bfmio.com/sync?pid=102&uid=270db8e1-9279-4efe-829e-0985c7c4a911
pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 61B8
Redirect Chain

https://ad.mrtnsvr.com/sync/beachfront
https://sync.bfmio.com/sync?pid=187&uid=nyniy5HaM

0
394 B

26ms
25ms

Image
text/plain

52.3.216.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=187&uid=nyniy5HaM
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137&gdpr=0
Protocol: HTTP/1.1
Server: 52.3.216.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-216-106.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 15 Aug 2022 07:23:06 GMT

Redirect headers

location: https://sync.bfmio.com/sync?pid=187&uid=nyniy5HaM
date: Mon, 15 Aug 2022 07:23:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76
vary: Origin
content-type: text/html; charset=utf-8

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 61B8
Redirect Chain

https://sync.1rx.io/usersync2/beachfront
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005&rndcb=5929957766
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=8069c585-162d-407f-bfa0-ba35b11c7aae&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=7dc5fab1-7e20-430f-a375-9317bba0deee&expires=1&user_group=5&ssp=adconductor&bsw_param=8069c585-162d-407f-bfa0-ba35b11c7aae
https://sync.1rx.io/usersync/bidswitch/8069c585-162d-407f-bfa0-ba35b11c7aae?gdpr=&gdpr_consent=
https://sync.targeting.unrulymedia.com/csync/RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005?redir=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D179%26uid%3DRX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005
https://sync.bfmio.com/sync?pid=179&uid=RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005

0
428 B

30ms
26ms

Image
text/plain

52.3.216.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=179&uid=RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137&gdpr=0
Protocol: HTTP/1.1
Server: 52.3.216.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-216-106.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 15 Aug 2022 07:23:07 GMT

Redirect headers

Location: https://sync.bfmio.com/sync?pid=179&uid=RX-f3df65f6-9cae-4077-a4c5-1402bc8fa6dc-005
Date: Mon, 15 Aug 2022 07:23:07 GMT
Connection: keep-alive
Content-Type: text/html
ETag: RXf3df65f69cae4077a4c51402bc8fa6dc005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 61B8
Redirect Chain

https://match.prod.bidr.io/cookie-sync/bch
https://sync.bfmio.com/sync?pid=168&uid=AAEXRU7F8-kAABGN1-KwZQ

0
411 B

41ms
25ms

Image
text/plain

52.3.216.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=168&uid=AAEXRU7F8-kAABGN1-KwZQ
Requested by: Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137&gdpr=0
Protocol: HTTP/1.1
Server: 52.3.216.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-216-106.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 15 Aug 2022 07:23:06 GMT

Redirect headers

location: https://sync.bfmio.com/sync?pid=168&uid=AAEXRU7F8-kAABGN1-KwZQ
Date: Mon, 15 Aug 2022 07:23:07 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 17F9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Yvn0WkgbCe6CMOaiNj2AXwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM1Zp1SpFHT0TbJ9mx0v0vc&google_cver=1

43 B
943 B

40ms
40ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM1Zp1SpFHT0TbJ9mx0v0vc&google_cver=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b02ed9cc3417b9-EWR
pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruK9ReSClk5fiid5k0dTAfyIsobaMPsp1oj5xxhp2Hs4qbtKbpA5VtJTF8l7UVMVf6J%2FCPcH9oxD4W0g6TQ%2BWC7p69uKs%2BLWpp3wNbAqQRhuJpbDQ%2BBvtcwmbV0IJAxV3pFF8LhzdCT3sg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM1Zp1SpFHT0TbJ9mx0v0vc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 17F9
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&expiration=1663140187&gdpr=0&gdpr_consent=

43 B
416 B

47ms
38ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&expiration=1663140187&gdpr=0&gdpr_consent=
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: H2
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b02ed93c2c8ccc-EWR
pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEVfwSsQSV1Ch4qq3GT3Vy9dFTvQ9RZApX1awrRTwsFzY8zalmg1cexjeDt9U9VMgAlKvVWk228R4ZGSc2bMr5YJIrV6s%2FrUs3x1gXPtY6hGHBQU7%2BYm7ipX01LS1ESQ1Qk5J1uCOVrXSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=743c1b44-933e-4111-9ad8-0775ef5b3ede&expiration=1663140187&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 17F9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yvn0WkgbCe6CMOaiNj2AXwAAAigAAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM17LXR4aCYo4SjQm-3OUgk&google_cver=1

43 B
947 B

61ms
36ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM17LXR4aCYo4SjQm-3OUgk&google_cver=1
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b02ed9889732e2-EWR
pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgxBoQ4HrHkFYEXdZqGkSI30AkPIixvwad8Lq7bbVXN%2FuTZiAlWW5XNw7nKMrAptZyUxP5TqyUamRpzMAUwaZ5wws3%2FAXzlFeAXUeZrVGcR52pNA10S%2F69tZtEgaqf%2BgAgLfRwqwhk7gCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEM17LXR4aCYo4SjQm-3OUgk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 17F9 43 B
932 B 36ms
34ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Yvn0WkgbCe6CMOaiNj2AXwAAAigAAAAB

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9ZA7S2S5VAXAQ4MSJZ0D
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 17F9
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=08042204079eaa2d59b5fbfa&expiration=[EXPIRATION]

43 B
912 B

35ms
35ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=08042204079eaa2d59b5fbfa&expiration=[EXPIRATION]
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b02ed9ec5517b9-EWR
pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnH4NPnU9AXHLdRSU3VnBD41Z3LSAMFU8Nq%2Fxt4Fto5oDABHIeNF%2Fkp%2BJVS8GxQVBmTbWEtPXJTEhDUYxO6XN4GhKRd8VJjailWZVRQgPHHczoPXF8SE5nxT%2BvKtRBlFELwkU30XKtvlpw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=08042204079eaa2d59b5fbfa&expiration=[EXPIRATION]
Date: Mon, 15 Aug 2022 07:23:07 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Powered-By: Express
Content-Length: 0
Vary: Origin

GET
H2 502 index.gif
euexchangesync.digitaleast.mobi/usersync/ Frame 17F9 0
0 150ms
98ms Image
text/html 34.95.81.168
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.81.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 168.81.95.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 17F9
Redirect Chain

https://cm.ctnsnet.com/int/cm?exc=19
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=bebcb8da1e544f67b60dbfdab4449e11&expiration=1663140187

43 B
906 B

67ms
44ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=bebcb8da1e544f67b60dbfdab4449e11&expiration=1663140187
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b02ed9cc3217b9-EWR
pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnI5nkC%2B3FSnsgG1EdfGqpiW7vpxyUn8oegN%2BF9jQC1pGGE9o0HfJWATQYd0WxoAp9WrLuVz4MXxC%2B8sIa114yrFEuUt4hjJo03fHHRJf666ci5GQ7RAMtOTtcedsDKPrzydbNQBbN1WaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:06 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=bebcb8da1e544f67b60dbfdab4449e11&expiration=1663140187
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

crum
dsum-sec.casalemedia.com/ Frame 17F9
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4399279868920492754

43 B
430 B

42ms
36ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4399279868920492754
Requested by: Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol: H2
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 73b02ed93c2f8ccc-EWR
pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tztck%2B7MzWV38WKQ%2BssT6KDDG0aX55xu0HMI4QaQSORosNA1KAOTyEgdQm0YDVT5jrQJ1SbNXXHdldNcoWO33adCOI2DYZ%2FTp22BpF99uiBRDvU%2B0coWaeOHzK0GIgEmJ8MIFnPEDam2rw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
X-Proxy-Origin: 96.9.249.36; 96.9.249.36; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid: ca42a98d-79d4-4c24-ac1a-e6f83c61cf4b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4399279868920492754
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 17F9 43 B
556 B 34ms
33ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Yvn0WkgbCe6CMOaiNj2AXwAAAigAAAAB

Requested by

Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: HQVVHQG03663BK8JR58E
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame 3EEE
Redirect Chain

https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=8069c585-162d-407f-bfa0-ba35b11c7aae&google_hm=ODA2OWM1ODUtMTYyZC00MDdmLWJmYTAtYmEzNWIxMWM3YWFl
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPpFR-bUdETm9xxh9J5Ny1E&google_cver=1&ssp=sonobi&bsw_param=8069c585-162d-407f-bfa0-ba35b11c7aae
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=8069c585-162d-407f-bfa0-ba35b11c7aae

49 B
864 B

28ms
28ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=8069c585-162d-407f-bfa0-ba35b11c7aae

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-28
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: //sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=8069c585-162d-407f-bfa0-ba35b11c7aae
Date: Mon, 15 Aug 2022 07:23:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame 3EEE
Redirect Chain

https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=b14a62f9-f45a-4e00-bf0a-9beda717122b

49 B
864 B

34ms
28ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=b14a62f9-f45a-4e00-bf0a-9beda717122b

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-28
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 15 Aug 2022 07:23:07 GMT
Server: MT3 4475 c1dc35a master ord-pixel-x10 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=b14a62f9-f45a-4e00-bf0a-9beda717122b
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 15 Aug 2022 07:23:06 GMT

GET
H/1.1

200
OK

us.gif
sync.go.sonobi.com/ Frame 3EEE
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=91e92b73fd&gdpr=0&gdpr_consent=
https://sync.go.sonobi.com/us.gif?nw=td&nuid=743c1b44-933e-4111-9ad8-0775ef5b3ede&pubid=91e92b73fd

49 B
864 B

63ms
28ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=td&nuid=743c1b44-933e-4111-9ad8-0775ef5b3ede&pubid=91e92b73fd

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-28
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.go.sonobi.com/us.gif?nw=td&nuid=743c1b44-933e-4111-9ad8-0775ef5b3ede&pubid=91e92b73fd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 227

GET
H/1.1

200
OK

usg.gif
sync.go.sonobi.com/ Frame 3EEE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=Zjc5MTBmMGQtM2MyMi00MzIyLWE1MzctZmQ5ZTJjNDhmNGQ0
https://sync.go.sonobi.com/usg.gif?google_gid=CAESENRfy9HQfuB6-QdME48TbWc&google_cver=1

49 B
858 B

58ms
28ms

Image
image/gif

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usg.gif?google_gid=CAESENRfy9HQfuB6-QdME48TbWc&google_cver=1

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-28
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.go.sonobi.com/usg.gif?google_gid=CAESENRfy9HQfuB6-QdME48TbWc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 3EEE 43 B
556 B 35ms
33ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sonobi.com&id=f7910f0d-3c22-4322-a537-fd9e2c48f4d4

Requested by

Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=91e92b73fd&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: TNVN76Y5GFW1ZJCKNC4Y
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 204 AGSKWxWdUYq4q-7REySb8SkVMoKP57rQYKHbLOuVBWKb_zcQR7BQP_zcgUZ7ZKcwf244mZtzyA52Q_D3qXuAUG7HnTrYI3EYNuhEBtCwnzj1rRG2U5mUsgUMHAcM9fxI7HksGwCs3m4_8A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 44ms
44ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWdUYq4q-7REySb8SkVMoKP57rQYKHbLOuVBWKb_zcQR7BQP_zcgUZ7ZKcwf244mZtzyA52Q_D3qXuAUG7HnTrYI3EYNuhEBtCwnzj1rRG2U5mUsgUMHAcM9fxI7HksGwCs3m4_8A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rkD1H25CUPRjDOGDasEwoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-rkD1H25CUPRjDOGDasEwoA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:07 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-rkD1H25CUPRjDOGDasEwoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-rkD1H25CUPRjDOGDasEwoA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWdUYq4q-7REySb8SkVMoKP57rQYKHbLOuVBWKb_zcQR7BQP_zcgUZ7ZKcwf244mZtzyA52Q_D3qXuAUG7HnTrYI3EYNuhEBtCwnzj1rRG2U5mUsgUMHAcM9fxI7HksGwCs3m4_8A== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 131ms
125ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWdUYq4q-7REySb8SkVMoKP57rQYKHbLOuVBWKb_zcQR7BQP_zcgUZ7ZKcwf244mZtzyA52Q_D3qXuAUG7HnTrYI3EYNuhEBtCwnzj1rRG2U5mUsgUMHAcM9fxI7HksGwCs3m4_8A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Xk3W0Sa37DjI37KPV3CvHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Xk3W0Sa37DjI37KPV3CvHQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:07 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Xk3W0Sa37DjI37KPV3CvHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Xk3W0Sa37DjI37KPV3CvHQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU_eqAPMA7dd4le3WYDpiXKfc1BfIdz1XUA9vV3n6s92SouufUO9AxWulhOi3Ca37q1V_3BwrGWtC2NVB-xJqcGhER0rM1UbXQRGQPf_PqejDQvgK8wFXHl4xlzFbCcgBJbAvQ9lg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 128ms
128ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU_eqAPMA7dd4le3WYDpiXKfc1BfIdz1XUA9vV3n6s92SouufUO9AxWulhOi3Ca37q1V_3BwrGWtC2NVB-xJqcGhER0rM1UbXQRGQPf_PqejDQvgK8wFXHl4xlzFbCcgBJbAvQ9lg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XSsgB2PuM6I2vSBf1ssCIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-XSsgB2PuM6I2vSBf1ssCIQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:07 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-XSsgB2PuM6I2vSBf1ssCIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-XSsgB2PuM6I2vSBf1ssCIQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU_eqAPMA7dd4le3WYDpiXKfc1BfIdz1XUA9vV3n6s92SouufUO9AxWulhOi3Ca37q1V_3BwrGWtC2NVB-xJqcGhER0rM1UbXQRGQPf_PqejDQvgK8wFXHl4xlzFbCcgBJbAvQ9lg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 131ms
131ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU_eqAPMA7dd4le3WYDpiXKfc1BfIdz1XUA9vV3n6s92SouufUO9AxWulhOi3Ca37q1V_3BwrGWtC2NVB-xJqcGhER0rM1UbXQRGQPf_PqejDQvgK8wFXHl4xlzFbCcgBJbAvQ9lg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aWer2BevoAr0wO2aSUhHUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-aWer2BevoAr0wO2aSUhHUQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:07 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-aWer2BevoAr0wO2aSUhHUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-aWer2BevoAr0wO2aSUhHUQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU_eqAPMA7dd4le3WYDpiXKfc1BfIdz1XUA9vV3n6s92SouufUO9AxWulhOi3Ca37q1V_3BwrGWtC2NVB-xJqcGhER0rM1UbXQRGQPf_PqejDQvgK8wFXHl4xlzFbCcgBJbAvQ9lg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 131ms
131ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU_eqAPMA7dd4le3WYDpiXKfc1BfIdz1XUA9vV3n6s92SouufUO9AxWulhOi3Ca37q1V_3BwrGWtC2NVB-xJqcGhER0rM1UbXQRGQPf_PqejDQvgK8wFXHl4xlzFbCcgBJbAvQ9lg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uhHA-cv2ZfDGqMJIXnA0kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-uhHA-cv2ZfDGqMJIXnA0kw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:07 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uhHA-cv2ZfDGqMJIXnA0kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-uhHA-cv2ZfDGqMJIXnA0kw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU_eqAPMA7dd4le3WYDpiXKfc1BfIdz1XUA9vV3n6s92SouufUO9AxWulhOi3Ca37q1V_3BwrGWtC2NVB-xJqcGhER0rM1UbXQRGQPf_PqejDQvgK8wFXHl4xlzFbCcgBJbAvQ9lg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 131ms
130ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU_eqAPMA7dd4le3WYDpiXKfc1BfIdz1XUA9vV3n6s92SouufUO9AxWulhOi3Ca37q1V_3BwrGWtC2NVB-xJqcGhER0rM1UbXQRGQPf_PqejDQvgK8wFXHl4xlzFbCcgBJbAvQ9lg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6QApq-BSZZAkZf1rYltA5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-6QApq-BSZZAkZf1rYltA5w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:07 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6QApq-BSZZAkZf1rYltA5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-6QApq-BSZZAkZf1rYltA5w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU_eqAPMA7dd4le3WYDpiXKfc1BfIdz1XUA9vV3n6s92SouufUO9AxWulhOi3Ca37q1V_3BwrGWtC2NVB-xJqcGhER0rM1UbXQRGQPf_PqejDQvgK8wFXHl4xlzFbCcgBJbAvQ9lg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 131ms
131ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU_eqAPMA7dd4le3WYDpiXKfc1BfIdz1XUA9vV3n6s92SouufUO9AxWulhOi3Ca37q1V_3BwrGWtC2NVB-xJqcGhER0rM1UbXQRGQPf_PqejDQvgK8wFXHl4xlzFbCcgBJbAvQ9lg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qMGnL31_em5wiNviVzGGCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-qMGnL31_em5wiNviVzGGCA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:07 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-qMGnL31_em5wiNviVzGGCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-qMGnL31_em5wiNviVzGGCA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7672 31 KB
10 KB 23ms
23ms Script
text/html 23.73.244.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-244-44.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 28a10ec7cb172ca7b3c233179d156c3f28bdef7894887f398b34cc6033ee5c98

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 07:23:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=32267
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9453
Expires: Mon, 15 Aug 2022 16:20:54 GMT

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 183ms
183ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=8f441d46-cc28-4cc8-89d0-6246e7d256e5
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/f234822c-0aae-41ce-8843-23538710f825-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 15 Aug 2022 07:23:07 GMT
content-encoding: gzip
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20
via: 1.1 google

GET
H2 200 b-01880f1-fe6ef3c7.js Show response
tagan.adlightning.com/livingly-v3/ Frame 2E33 81 KB
30 KB 24ms
24ms Script
application/javascript 54.230.163.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/livingly-v3/b-01880f1-fe6ef3c7.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-92.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15c94eecb1326fe53ddf0197241b5a03d7051732458518f340c2917446912bb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 10:31:07 GMT
content-encoding: gzip
age: 75120
x-cache: Hit from cloudfront
content-length: 30633
x-amz-meta-git_commit: 01880f1
last-modified: Wed, 23 Mar 2022 19:27:46 GMT
server: AmazonS3
etag: "77e7f1f4d3ab931b5283cfd240a93db5"
x-amz-version-id: LdThH16Xnec2On_9wZdDQ9RVSAOyZ1K_
via: 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: XIjZBUdfxjO3obTsuQgnLfe5Tq51CdgBVIiR5OJEgdZg8vKQ8BuZ4w==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E33 140 KB
44 KB 93ms
44ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 07:23:07 GMT

GET
H2 200 b-01880f1-fe6ef3c7.js Show response
tagan.adlightning.com/livingly-v3/ Frame 2E3B 81 KB
30 KB 24ms
23ms Script
application/javascript 54.230.163.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/livingly-v3/b-01880f1-fe6ef3c7.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-92.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15c94eecb1326fe53ddf0197241b5a03d7051732458518f340c2917446912bb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 10:31:07 GMT
content-encoding: gzip
age: 75120
x-cache: Hit from cloudfront
content-length: 30633
x-amz-meta-git_commit: 01880f1
last-modified: Wed, 23 Mar 2022 19:27:46 GMT
server: AmazonS3
etag: "77e7f1f4d3ab931b5283cfd240a93db5"
x-amz-version-id: LdThH16Xnec2On_9wZdDQ9RVSAOyZ1K_
via: 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR53-C3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 37ullviHREvohW0-kMNF1laSCX8GPwr9Hk7Ti2Szy4P0a-GmaI347A==

GET
H2 204 beacon.gif
www4.pictures.gi.zimbio.com/ 0
108 B 102ms
101ms Image
text/plain 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.gi.zimbio.com/beacon.gif?x=%7B%22event%22%3A%22ad_render%22%2C%22v%22%3A%222.0%22%2C%22url%22%3A%22https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F%22%2C%22path%22%3A%22%2F%22%2C%22q%22%3A%22%22%2C%22id%22%3A%22GVQUXF3TYF385097814272420130%22%2C%22plat%22%3A%22desktop%22%2C%22page%22%3A%22homepage%22%2C%22camp%22%3A%22%22%2C%22dev%22%3A%22%22%2C%22pv%22%3A1%2C%22sid%22%3A%22GVQUXF3TYF3%22%2C%22src%22%3A%22othr%22%2C%22buck%22%3A%22B%22%2C%22seo%22%3A%22G%22%2C%22auth%22%3A%22%22%2C%22guid%22%3A%22%22%2C%22ad_render%22%3A%7B%22advertiserId%22%3A%2212351034%22%2C%22campaignId%22%3A%222348985077%22%2C%22creativeId%22%3A%22138238613185%22%2C%22isEmpty%22%3A%22false%22%2C%22labelIds%22%3Anull%2C%22lineItemId%22%3A%224734894853%22%2C%22slotContentChanged%22%3A%22true%22%2C%22yieldGroupIds%22%3Anull%2C%22advertiser%22%3A%22Criteo%22%2C%22size%22%3A%22300x600%22%2C%22adUnitPath%22%3A%22%2F1028834%2FZM%2FZM_DT_Top_300x250%22%2C%22slotId%22%3A%22storyAd%22%2C%22adUnit%22%3A%22ZM_DT_Top_300x250%22%2C%22impId%22%3A%22GVQUXF3TYF371354578772555750%22%2C%22MaxBid%22%3A98%2C%22FloorAdX%22%3A95%2C%22impressionType%22%3A%22prebid+auction%22%2C%22adId%22%3A%2250ce35a71b893b8%22%2C%22ecpm%22%3A98%2C%22relLift%22%3A99%2C%22meta%22%3A%22permutive%3D36649%2C37275%2C37276%2C37283%2C72138%2C73225%2C74190%2C74645%2C76000%2C76002%2C76351%2C76354%2C79291%2C79368%2C80344%2C80500%2C81210%2Crts%3BDomain%3DZimbio%3BCategory%3DEnt%3BChannel%3DHomepage%3BPV%3D001%3BSource%3Dothr%3BMedia_Type%3DHomepage%3BTester%3DB%3BRcode%3DZM_Orgc%3Bpuid%3D3f86dc11-51f7-4b4f-befd-c63993a4b1de%3Bptime%3D1660548185490%3Bstack%3Dprebird%3BconsentGDPR%3Dtrue%3Bsid%3DGVQUXF3TYF3%3Brefresh%3D1%3Bamznbid%3Dr26f4%3Bamznp%3Dw1z40%3Bamzniid%3DIwux6NQlgCk8vkLnkmVozu0AAAGCoGKB3gEAAAyiAQAslhny%3Bamznsz%3D300x600%3Bhb_pb_criteo%3D0.98%3Bhb_adid_criteo%3D50ce35a71b893b8%3Bhb_size_criteo%3D300x600%3Bhb_crid_criteo%3D22bcba60c4b092a%3BMaxBid%3D0098%3Bsize%3D300x600%3BrelLift%3D99%3BFloorAdX%3D0095%3Badxtestboost%3D0%3Bfloors%3Dgoog2%2Crobin1%3BDealGroup%3D2%3BimpId%3DGVQUXF3TYF371354578772555750%3BiTiming%3DA166B1726C1726D803E2100F2103G2883%3BCmpdb%3D%3BCmptgdb%3D%3BUpdatedActiveBidders%3D+%3BwindowInnerWidth%3A1600%3BwindowInnerHeight%3A1200%22%7D%7D

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time: 73866
date: Mon, 15 Aug 2022 07:23:07 GMT
via: 1.1 varnish, 1.1 varnish
server: nginx/1.4.6 (Ubuntu)
x-timer: S1660548188.528605,VS0,VE74
x-served-by: cache-bfi-krnt7300108-BFI, cache-ewr18128-EWR
strict-transport-security: max-age=31557600
x-cache: MISS, MISS
cache-control: max-age=0
x-cache-hits: 0, 0
accept-ranges: bytes
expires: Mon, 15 Aug 2022 07:23:07 GMT

GET
H2 204 beacon.gif
www4.pictures.gi.zimbio.com/ 0
165 B 101ms
100ms Image
text/plain 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www4.pictures.gi.zimbio.com/beacon.gif?x=%7B%22event%22%3A%22ad_render%22%2C%22v%22%3A%222.0%22%2C%22url%22%3A%22https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F%22%2C%22path%22%3A%22%2F%22%2C%22q%22%3A%22%22%2C%22id%22%3A%22GVQUXF3TYF344785312815152170%22%2C%22plat%22%3A%22desktop%22%2C%22page%22%3A%22homepage%22%2C%22camp%22%3A%22%22%2C%22dev%22%3A%22%22%2C%22pv%22%3A1%2C%22sid%22%3A%22GVQUXF3TYF3%22%2C%22src%22%3A%22othr%22%2C%22buck%22%3A%22B%22%2C%22seo%22%3A%22G%22%2C%22auth%22%3A%22%22%2C%22guid%22%3A%22%22%2C%22ad_render%22%3A%7B%22advertiserId%22%3Anull%2C%22campaignId%22%3Anull%2C%22creativeId%22%3Anull%2C%22isEmpty%22%3A%22false%22%2C%22labelIds%22%3Anull%2C%22lineItemId%22%3Anull%2C%22slotContentChanged%22%3A%22true%22%2C%22yieldGroupIds%22%3A%2276046%22%2C%22advertiser%22%3A%22Google%22%2C%22size%22%3A%22970x250%22%2C%22adUnitPath%22%3A%22%2F1028834%2FZM%2FZM_DT_Subnav_970x90%22%2C%22slotId%22%3A%22pushdown%22%2C%22adUnit%22%3A%22ZM_DT_Subnav_970x90%22%2C%22impId%22%3A%22GVQUXF3TYF388180172105508980%22%2C%22MaxBid%22%3A0%2C%22FloorAdX%22%3A5%2C%22impressionType%22%3A%22google+auction%22%2C%22adId%22%3Anull%2C%22ecpm%22%3A2%2C%22relLift%22%3A2%2C%22meta%22%3A%22permutive%3D36649%2C37275%2C37276%2C37283%2C72138%2C73225%2C74190%2C74645%2C76000%2C76002%2C76351%2C76354%2C79291%2C79368%2C80344%2C80500%2C81210%2Crts%3BDomain%3DZimbio%3BCategory%3DEnt%3BChannel%3DHomepage%3BPV%3D001%3BSource%3Dothr%3BMedia_Type%3DHomepage%3BTester%3DB%3BRcode%3DZM_Orgc%3Bpuid%3D3f86dc11-51f7-4b4f-befd-c63993a4b1de%3Bptime%3D1660548185490%3Bstack%3Dprebird%3BconsentGDPR%3Dtrue%3Bsid%3DGVQUXF3TYF3%3Brefresh%3D1%3Bamznbid%3D2%3Bamznp%3D2%3BMaxBid%3D0000%3Bsize%3D0x0%3BrelLift%3D0%3BFloorAdX%3D0005%3Badxtestboost%3D0%3Bfloors%3Dgoog2%2Crobin1%2Cmbp%3BMBP%3D%3BDealGroup%3D0%3BimpId%3DGVQUXF3TYF388180172105508980%3BCmpdb%3D%3BCmptgdb%3D%3BUpdatedActiveBidders%3D+%3BwindowInnerWidth%3A1600%3BwindowInnerHeight%3A1200%22%7D%7D

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.4.6 (Ubuntu) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time: 72720
date: Mon, 15 Aug 2022 07:23:07 GMT
via: 1.1 varnish, 1.1 varnish
server: nginx/1.4.6 (Ubuntu)
x-timer: S1660548188.528576,VS0,VE73
x-served-by: cache-bfi-krnt7300103-BFI, cache-ewr18128-EWR
strict-transport-security: max-age=31557600
x-cache: MISS, MISS
cache-control: max-age=0
x-cache-hits: 0, 0
accept-ranges: bytes
expires: Mon, 15 Aug 2022 07:23:07 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 781 B
1 KB 273ms
273ms XHR
text/javascript 143.204.150.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3234&u=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&pid=3K8Aui9NrOo2c&cb=1&ws=1600x1200&v=22.8.42053&t=300&slots=%5B%7B%22sd%22%3A%22pushdown%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1028834%2FZM%2FZM_DT_Subnav_970x90%22%7D%2C%7B%22sd%22%3A%22topMREC%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F1028834%2FZM%2FZM_DT_Top_300x250%22%7D%5D&pj=%7B%22bucket%22%3A%5B%22B%22%5D%7D&cfgv=1&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*ug4sCQRPlXNZQe0giZeMURgGuXHHq183pKhw71jt3oEe43yFPFK9n3PSd3LlJcO2%22%2C%22pubcommon%22%3A%22fae40493-0b07-412d-8904-aafee314dd77%22%2C%22audigent%22%3A%22060fg7fcdlebbd8a8h8fi68bi6fafj9hkdloq2oil1mggk4e4s4ou04gu0oeow6sz%22%7D%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.150.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

dbe476e3ac72df75995b7f09270bb143d99dc0c1afd1c0e9f6e2d08726a7c1f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 07:23:07 GMT
via: 1.1 0d3bc0372b2119705524079214a98b3e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: EWR52-C2
x-amz-rid: 688V7B6W0QC3CGX4CF9K
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 781
x-amz-cf-id: jp3nbVP3d7udc-5N628wLTOJw499K8zpFTq-dk_3gFX-NIjbN9I3Zw==

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 15 KB
8 KB 160ms
159ms XHR
application/json 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: bcd60406fc601aeb153d6ca02fbfd83bcc0c3b2ea266b87016a08b97f8d6f5b3

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www4.pictures.gi.zimbio.com
date: Mon, 15 Aug 2022 07:23:06 GMT
content-encoding: gzip
x-openrtb-version: 2.3
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 13 KB
7 KB 156ms
156ms XHR
application/json 68.67.160.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

7111f6ee74ee01d9eed6e00a36c5e2f76e766785a696aa2de177bee65cc1670f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 07:23:07 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.249.36; 96.9.249.36; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 523fb7f0-b2bb-48d6-ac8f-69db21ca87f1
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www4.pictures.gi.zimbio.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK bid Show response
krk.kargo.com/api/v2/ 2 B
662 B 122ms
122ms XHR
application/json 52.71.142.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%222a0dd549-2953-4b44-b54b-e4da3bddc99e%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A3000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1660548187535%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%226572bcafdf0b74f%22%3A%22_qeVlAfyexV%22%7D%2C%22bidSizes%22%3A%7B%226572bcafdf0b74f%22%3A%5B%5B970%2C90%5D%2C%5B970%2C250%5D%2C%5B728%2C90%5D%5D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_qeVlAfyexV%22%7D%2C%22userId%22%3A%22%22%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B970%2C250%5D%2C%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22pushdown%22%2C%22transactionId%22%3A%2280d03569-bad7-496f-9546-8402ad546ec2%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B970%2C250%5D%2C%5B728%2C90%5D%5D%2C%22bidId%22%3A%226572bcafdf0b74f%22%2C%22bidderRequestId%22%3A%22640db56254b131%22%2C%22auctionId%22%3A%224eaf489e-17d1-48ec-9074-613aa2dd2867%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A2%2C%22bidderRequestsCount%22%3A2%2C%22bidderWinsCount%22%3A0%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22krux%22%3A%7B%22userID%22%3Anull%2C%22segments%22%3A%5B%5D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.142.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-142-187.compute-1.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www4.pictures.gi.zimbio.com
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 26
X-Accel-Expires: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 cdb Show response
bidder.criteo.com/ 2 KB
2 KB 44ms
43ms XHR
application/json 74.119.119.129
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.1&cb=48409927978

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

bidder.va1.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6b76dd963e2ad6330632814ff97b994e73f4e72e34c1eda4dd244f6154396a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:06 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1520

GET
H3 200 arj Show response
livingly-d.openx.net/w/1.0/ 174 B
187 B 78ms
78ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://livingly-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=381cef65-8351-4490-afd7-dc148dd6d0d3%2C5616b692-60b3-4fa5-8354-253a5b762b7d%2C2ee77c93-2063-4e4e-b812-c8cfea18da53&nocache=1660548187538&aus=970x90%7C970x250%7C728x90&divids=pushdown_970x90%2Cpushdown_970x250%2Cpushdown_728x90&aucs=%2C%2C&auid=538037187%2C540288701%2C540288707&tps=YnVja2V0PWI%3D%2CYnVja2V0PWI%3D%2CYnVja2V0PWI%3D&aumfs=100%2C3000%2C100
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 9c382a01f1b2a5bf2affe97289de483a5034ea80f18408419340bb46b6e4f03a

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 cygnus Show response
htlb.casalemedia.com/ 11 KB
7 KB 663ms
638ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=168881&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22727d269fbbf776%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F%3FprtCat%3D%26permutive%3D36649%252C37275%252C37276%252C37283%252C72138%252C73225%252C74190%252C74645%252C76000%252C76002%252C76351%252C76354%252C79291%252C79368%252C80344%252C80500%252C81210%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.1%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22743c1b44-933e-4111-9ad8-0775ef5b3ede%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-08-15T07%3A23%3A05%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2273369fa64ad201e%22%2C%22ext%22%3A%7B%22siteID%22%3A168881%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2274c6451b1bf80e7%22%2C%22ext%22%3A%7B%22siteID%22%3A168787%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7f1c514922078f32b949555be3702a1715eeb1ef850881e91fadd15366a5443

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 15 Aug 2022 07:23:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v12Ty2MOTivy3N1Hoa7QOHhhBRrhvkH18JkcfK2pouohTT2OjY55CNcc8Ciegby5zENK5VkTpPt8KvB2h35w0TOrm%2B6FzXPgNzTuqNVSjr8CCXZck37snFlo9VUa%2B3WwrlMcAPQ0"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 73b02edc5c5b3342-EWR
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 282 B
750 B 114ms
114ms XHR
application/json 2602:803:c002:200::114
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9178&site_id=116876&zone_id=550458&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&tg_v.permutive=36649%2C37275%2C37276%2C37283%2C72138%2C73225%2C74190%2C74645%2C76000%2C76002%2C76351%2C76354%2C79291%2C79368%2C80344%2C80500%2C81210&tg_i.bucket=B&tg_i.pv=1&tk_flint=pbjs_lite_v4.43.1&x_source.tid=80d03569-bad7-496f-9546-8402ad546ec2&p_screen_res=1600x1200&rp_floor=0.11&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8032384155312269
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c002:200::114 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4f6a4a677219f180a8f320ecf69e6c7cd5738134d9a2e22785f2a8ca26389e40

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 15 Aug 2022 07:23:07 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www4.pictures.gi.zimbio.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 282
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
730 B 133ms
132ms XHR
application/json 3.221.230.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.1&referrer=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&tmax=3000

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.221.230.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-221-230-178.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
accept-ch: sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK hb Show response
sofia.trustx.org/ 2 B
321 B 38ms
38ms XHR
application/json 35.211.168.6
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://sofia.trustx.org/hb?pt=net&auids=7591%2C7592%2C7593&sizes=970x90%2C970x250%2C728x90&r=79e286d1a808a7a&wrapperType=Prebid_js&wrapperVersion=4.43.1&keywords=%5B%7B%22key%22%3A%22prtCat%22%2C%22value%22%3A%5B%5D%7D%2C%7B%22key%22%3A%22permutive%22%2C%22value%22%3A%5B%2236649%22%2C%2237275%22%2C%2237276%22%2C%2237283%22%2C%2272138%22%2C%2273225%22%2C%2274190%22%2C%2274645%22%2C%2276000%22%2C%2276002%22%2C%2276351%22%2C%2276354%22%2C%2279291%22%2C%2279368%22%2C%2280344%22%2C%2280500%22%2C%2281210%22%5D%7D%5D&u=https%3A%2F%2Fwww4.pictures.gi.zimbio.com%2F&wtimeout=3000
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 6.168.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 07:23:07 GMT
Server: nginx
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
378 B 39ms
39ms XHR
application/json 35.211.165.199
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: www.zimbio.com
URL: https://www.zimbio.com/loader/90.894.platform/jquery-1.10.2.min__platform/events__nocompress/pubsub.min__platform/jq_library__platform/jq_d_library__platform/jq_loader__platform/jq_dialog__platform/social_base__platform/jq_social_library__platform/jq_track__platform/jq_ads__platform/jq_sticky__platform/jquery.cookie__platform/prebird_config__platform/prebird__signup_prompts/prompt__platform/ajax_newsletter__nocompress/diberpnew__nocompress/pubcid.min__/gpe.zimbio__cGxhdGZvcm0__.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.165.199 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 199.165.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5e3e23332e9c707b4bfe06271889bc518162028120d2e606cb01b6a17996840f

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 15 Aug 2022 07:23:07 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www4.pictures.gi.zimbio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2E33 0
0 38ms
37ms Fetch
image/gif 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsscXAHKc7jl7PAAgNGF72rkyzM-5SFctVcvJes8-_F_MGwfV7eLANOAloRdCGuXmAN7koNjRqvin58UMJLY_dBkZnwDhzgDDnbncLQ7rRw_ea6up0dwnHsnhDil3DNCg6ccb0ogFehu51Pa-xOlEgNnPnnOoBaXCbtX_iSYyPDUlvc1wQ-FmNXuJXalNZD25k-DGX5PIfaf9B1DjjVPLP8rcl5ulJvI7FpEv2YoTYCJpCqcaxClSkyziQig8p4NHLNMgKNw9XMPm5TMzh16qE9aNQ8d-p4tx-bHOxVU7H0fPvV7I9_B3fV1opx3hJA8Ylzn_z3kd27YphkC8TeZjycDH-2QaQ&sai=AMfl-YTp72w0cK7qA5e2wZxYZpgs1PqWkzzt24GIo-bAb1VU8fTL2jKclU7wKlEjgLprfQRiJrLL9AIBU6PsjFQAvSPPcSgXQNQz4AiciVwrSSnzfCWMF0O0jll3TszHZg&sig=Cg0ArKJSzMFc9hiAOW7ZEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 07:23:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 7913 42 KB
17 KB 113ms
44ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?u=%7Co6iHfHPuJ0%2F56io%2F4rVYcr6xkCus7IG6yPdXZTJgkHQ%3D%7C&c1=SMhbYeryLxmLAABjYmpwvzXiYcA7hF1JYY-dQBuAZ5_demgXFoyBx__soTP6zEFigR-Kl21VmFE7Fcys09dp2lBBGel2n0_vqZ7dx-v9HtAszZl0GwigwZp1NNHkKPp_fNIlYY69-ceRY7I39ED_8T5CdxXaG7h6v2nYlaIPga2uMaRzWvMMPZU_gXGpTd227y-NNw1qszG28V3BLjLm-ERKJauUAo7Yg9PI3v00KWNpzVl_Z7rWdiz7rFHNfUGpODYv7m10oUXYFUqnnWFN-lazY5p4q8dQ7TrEuU3Gk0pLs1VFxHuqBzEOZ_GGA_huTgDvfCj2MTopKfhA0chvX-59q_itIcTsu01ZwAOAnwNsBFIF1ZKS4-fEJ_NUpLpI5XykBqLiL3SBs8XXf-ASXoxI3wJRuF6QRjwNVMr7v0pOeuzi1xoloLyogl6yIw4dPfI9pgo1VEGi0DDJ343FVYYsq0h6m_36rp3A6OMW5uo

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/livingly-v3/b-01880f1-fe6ef3c7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

41993ca92668dea2b5653cf5bf21ea8e507fa788ed24d8afda189f05a1254ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www4.pictures.gi.zimbio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 07:23:07 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=ZUW6itBGcL5Kzx_zC7sMi7hQ6ZXTzGWWjOZkVa1wryNe4lCJfWl_4c2qBCxmTmkEZdzVzs1yydLLXCqAjnqGW5UVqz9GRSgyF8lTZ-fZWUQlNmsde_gDCFQB3XYGtshvrdQYuJwVvZpKQeCpKh6k-Z900PZSUmIhWrWrSQ4juk2a8Xv7qb6ZrP1z5VAS83MhaIKX-6vXPLcb1LlmrtujJjByfembXg2Qsa0IE62G004c4JCPVJ0TdotX0aCKwGjn15bLew"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 18123235
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 tpd
cat.va.us.criteo.com/ Frame 2E33 43 B
462 B 223ms
25ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/tpd?dd=TBKNf19WSXdsOXQ4MHBEZnRxME51JTJCeEJzZFl0NkUwYlNFQTFneE5hcTAlMkJHZjFDcnpibFBkMWR2JTJCeiUyQlh1aHVmaE5ZREpwQVhSMGRnVzFtJTJGNXBSS0dCRDlqZDRMSiUyQnJ3NjAyOE1mMCUyRkRBNVdFZ0Z1N3VMUWFhZVNlWWJmVzRRdyUyQmVlSEdjaE9FbjRUTmNTS2g5SVBaJTJGTGIzVFpXU0ZHMGIlMkJ0SDExWWlSVXBlNHh0ekNJczZPMTN0WVZqajclMkZVJTJCTENLSU5UV2VkNXE3JTJCTU05ZSUyQlgyS1lXVVRZMDVwMDZ4dXZwTWhjJTJGNkM3bjZOeGlEVWE2WXBjd1VwQktyZEs3R1prMW9KN0lnQWNHSDdQM2x3cWJJSUN0cURraWZXMkJqZ05zNzlNbmdNJTJCMGtLRWVWaFFPMHJHY1dLSENPTGxNTXEyMUZTQk50MHo0NWpOdFFDQW5MbTdLWFFGbW5sS29KJTJGekNnaUpSTDRlSFA0MnRiVXc0aUJIOXEzd2ROT1RQSTgybUtTbzRTeHRYeGowM2Zub3BXVXJrNmh6UmMxQnZNV0s2NlZGTW5qVndaMVlta3I5T083Vk55bk5GVmpScXF5MEglMkZtc3Vrc0hsdFZIVDN2Y1RPVGJoTzEzUDAzMjltJTJGRDk3Q1dhaXo2Z2xEZmFwaUh0aWxyREprRHczcTFVZnpwN3k4

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 07:23:07 GMT
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 572739
strict-transport-security: max-age=31536000; preload;
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012207221643000/ Frame 2E3B 220 KB
61 KB 86ms
22ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 572704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61462
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "006401e583f0e23c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:04 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 2E3B 14 KB
5 KB 131ms
67ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 572704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5196
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc8caad49b08d8fb"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:04 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 2E3B 94 KB
28 KB 120ms
56ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 572704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28864
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14e9be8f3cf5efda"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:04 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 2E3B 5 KB
2 KB 128ms
65ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 572704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fcd376918b45715d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:04 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ Frame 2E3B 40 KB
13 KB 131ms
68ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 572704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12959
x-xss-protection: 0
server: sffe
date: Mon, 08 Aug 2022 16:18:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fd6c62727a90c1dd"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Aug 2023 16:18:04 GMT

GET
H2 200 13499767067863452453
tpc.googlesyndication.com/daca_images/simgad/ Frame 2E3B 90 KB
91 KB 74ms
22ms Image
image/png 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13499767067863452453

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f66bf9e33111e80aee563246a50a696629df9b8f97fd1ae8a0028007d4cf976

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 11:13:15 GMT
x-content-type-options: nosniff
age: 590992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92326
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 21:00:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Aug 2023 11:13:15 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2E3B 2 KB
3 KB 72ms
20ms Image
image/png 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 17:25:39 GMT
x-content-type-options: nosniff
server: cafe
age: 50248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 15 Aug 2022 17:25:39 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2E3B 295 B
399 B 72ms
21ms Image
image/png 2607:f8b0:4006:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 00:19:52 GMT
x-content-type-options: nosniff
server: cafe
age: 25395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 16 Aug 2022 00:19:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2E3B 0
0 85ms
39ms Image
text/html 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSkiwbYuApsbcSyABzx38a1uY57tQZEItZJ_Y5nAl35q1YXRIZuvfAgM_UH5UPGW5k5yXyJGbUYe9hULNC2Q6WcYqrsmw
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3

200

gm-08A48GG39.png
pm.geniusmonkey.com/r/ Frame 2E3B
Redirect Chain

https://pm.geniusmonkey.com/i/gm.png?id=226597978&ord=3254002507
https://pm.geniusmonkey.com/r/gm-08A48GG39.png

68 B
96 B

72ms
22ms

Image
image/png

34.117.190.90
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm.geniusmonkey.com/r/gm-08A48GG39.png
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: H3
Server: 34.117.190.90 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 90.190.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 06:25:08 GMT
via: 1.1 google
age: 3480
x-guploader-uploadid: ADPycdvP446FyoVwXEjOd_nvvMB9wqr9Qmw2hReBD7rB1XRwd299STU6rMOZDX0wOhfYbZzn1UdyPWvQWtTMSEY6v1Pj
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
last-modified: Tue, 11 Jan 2022 19:32:52 GMT
server: UploadServer
etag: "978c1bee49d7ad5fc1a4d81099b13e18"
x-goog-hash: crc32c=sfVMdw==, md5=l4wb7knXrV/BpNgQmbE+GA==
x-goog-generation: 1641929572207890
cache-control: public, max-age=3600
x-goog-stored-content-length: 68
accept-ranges: bytes
content-type: image/png
expires: Mon, 15 Aug 2022 07:25:08 GMT

Redirect headers

date: Mon, 15 Aug 2022 07:23:07 GMT
via: 1.1 google
vary: Origin
location: https://pm.geniusmonkey.com/r/gm-08A48GG39.png
access-control-expose-headers: X-Token
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2E3B 0
0 48ms
46ms Image
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXnJ6WvT5YozNMYjJ_gSkhJHoBo6AqOBr0-_iv68QsJAfEAEg-teRGGDJ1r6I9KPAEKAB1bD66yjIAQLgAgCoAwHIAwiqBIQCT9AsaYXe3jpmSA6ZTtojkV3PfC3hjbGf4qOl_stWUsmLhytKBq1i2rhfZJB-I-uWb8sIB40tH4jr6CYvhWXyXKtJPq-bXzT_EqFiuqaVXLFwevsoFw-h2wJTWvN3I-FxUUHSHbfYLqmI4dJA_26hNrZ-KuUbLjjr83faHs8_WyBdYnG6x9FoicTClsArl1P32cbrEo6LtoEC9nfV-JUKiG5JWDTUhEmVQewbkAHiHUOkPWc47GL2cv3NsAe-EWwtiZ-1PTi_MTb8X5anY3Y8HpX_lKd6n-RXjrnHBFHWdO-hzN_GveGZOKFD8-4vdJxjyEQYoAUVkxbvcTImLZZ4E8vhtvjABNSOhaGPBOAEAZIFBAgEGAGSBQQIBRgEoAYCgAfV6MrLA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcFEN-99wHSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEwLQFQGAFwGyFx4KHAgAEhRwdWItNjI0MTk0MjUxMTA1NDM1NRiyoAc&sigh=8R9oJnFNGco&uach_m=[UACH]
Requested by: Host: www4.pictures.gi.zimbio.com
URL: https://www4.pictures.gi.zimbio.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s34-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www4.pictures.gi.zimbio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 2E3B 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bfcba59b266d4732629bec35cb2547767a0467aed6aecd5cb44cdd2e2d705c8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2E33 0
0 39ms
38ms Fetch
image/gif 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucHy7MpMRQ2s3JryFzb0QIrh2p4BUoNRPGFqB9-sFzyZlbgzdY9QXZgf7x0L1QvXJkTaxisKR9hSJi91GZLkQNkq5K7mwte3O4KAT9n9oBf6SuufoD19DaAi8zlmogVVU43dcaA72eERvHJVyLbThnvMb9d5D5NSZXUT3DpGLAkwxkWfcDuc8qNOvKek475seU3AZmn3w_ksE4KE40sH0GzAXrn4lqwkz0CMu6q0PBmD8ydtKn4iZOnZV8FKRjmTU3tow41GYWnZVqYK0dMi0EQcSmozwx0e-Qk9uD3q8GhnDtW6yuvT_XjhjheZMQqxCsvBFn5sdVHholk4ZuSVeiDlTox0SQ&sai=AMfl-YTethj1sZZJunP1oAoqhJW4a9C36XAkm8ZqiOdRqJzy1_5o6Jz6GCOVb91Nb7X4LYBEjL0-9OqBXfnhnSJBUD4raQwWxEVPGZnLWKvTFehzQda4U2CSjxBSyxyT3Q&sig=Cg0ArKJSzFtRdZfSL_yWEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS