urlscan.io logo urlscan.io
SecurityTrails logo

shp.csharmony.epsilon.com Open in urlscan Pro
35.167.76.98  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.e.chiefs.com/e/er?s=771189855&lid=1790&elqTrackId=666BFEE66110A2B9389223820E304D03&elq=15f69d2f9b35462ca87265...
Effective URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Submission: On May 16 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 7 countries across 37 domains to perform 72 HTTP transactions. The main IP is 35.167.76.98, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is shp.csharmony.epsilon.com. The Cisco Umbrella rank of the primary domain is 742657.
TLS certificate: Issued by Entrust Certification Authority - L1K on August 2nd 2022. Valid for: a year.
This is the only time shp.csharmony.epsilon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 147.154.43.45 31898 (ORACLE-BM...)
1 1 147.154.40.231 31898 (ORACLE-BM...)
12 35.167.76.98 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 23.38.98.73 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
2 14 52.215.114.201 16509 (AMAZON-02)
1 2 63.140.62.135 16509 (AMAZON-02)
8 8 52.211.51.157 16509 (AMAZON-02)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 52.51.141.47 16509 (AMAZON-02)
1 13.32.99.23 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f17... 32934 (FACEBOOK)
1 1 185.29.132.241 30419 (MEDIAMATH...)
2 2 18.198.69.109 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2 18.157.212.150 16509 (AMAZON-02)
2 3 185.89.210.212 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 46.228.164.13 56396 (AMOBEE)
1 1 2.23.197.190 16625 (AKAMAI-AS)
8 9 142.250.184.226 15169 (GOOGLE)
1 104.244.42.67 13414 (TWITTER)
6 12 54.155.243.93 16509 (AMAZON-02)
1 35.71.131.137 16509 (AMAZON-02)
2 3 3.75.62.37 16509 (AMAZON-02)
2 2 2a02:2638:d::d 44788 (ASN-CRITE...)
1 1 3.125.70.222 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 34.160.236.64 396982 (GOOGLE-CL...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
8 8 151.101.66.49 54113 (FASTLY)
1 69.173.144.138 26667 (RUBICONPR...)
1 2 185.80.39.216 27381 (CASALE-MEDIA)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 2a04:4e42:400... 54113 (FASTLY)
1 1 13.225.239.84 16509 (AMAZON-02)
1 1 18.66.97.47 16509 (AMAZON-02)
2 3 52.46.155.104 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
1 34.193.26.185 14618 (AMAZON-AES)
72 31
1    147.154.43.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
app.e.chiefs.com
1    147.154.40.231 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
s771189855.t.eloqua.com
12    35.167.76.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-76-98.us-west-2.compute.amazonaws.com
shp.csharmony.epsilon.com
2    2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
2    23.38.98.73 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-73.deploy.static.akamaitechnologies.com
images.harmony.epsilon.com
4    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
14    52.215.114.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    63.140.62.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-135.data.adobedc.net
smetrics.nfl.com
8    52.211.51.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-51-157.eu-west-1.compute.amazonaws.com
cm.everesttech.net
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    52.51.141.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-141-47.eu-west-1.compute.amazonaws.com
nfl.demdex.net
1    13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net
sb.scorecardresearch.com
6    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadm.exelator.com
1    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
load77.exelator.com
2    18.157.212.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-212-150.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
1    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
9    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
12    54.155.243.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-243-93.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
pixel.advertising.com
ups.analytics.yahoo.com
2    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
1    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
8    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    13.225.239.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-239-84.bru50.r.cloudfront.net
ads.undertone.com
1    18.66.97.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-47.fra56.r.cloudfront.net
evt.undertone.com
3    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2600:9000:2057:c800:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    34.193.26.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-26-185.compute-1.amazonaws.com
ping.chartbeat.net
Apex Domain
Subdomains		 Transfer
28 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1174
pixel.everesttech.net — Cisco Umbrella Rank: 4991
sync-tm.everesttech.net — Cisco Umbrella Rank: 682
11 KB
16 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 220
nfl.demdex.net — Cisco Umbrella Rank: 45064
21 KB
14 epsilon.com
shp.csharmony.epsilon.com — Cisco Umbrella Rank: 742657
images.harmony.epsilon.com — Cisco Umbrella Rank: 21628
2 MB
9 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
1 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
559 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 301
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1102
ads.yahoo.com — Cisco Umbrella Rank: 6414
1 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
30 KB
3 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 293
2 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
3 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1584
load77.exelator.com — Cisco Umbrella Rank: 3985
2 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
930 B
2 undertone.com
ads.undertone.com — Cisco Umbrella Rank: 6355
evt.undertone.com — Cisco Umbrella Rank: 6376
1 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 760
1 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
1 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 429
758 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 848
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
136 KB
2 nfl.com
smetrics.nfl.com — Cisco Umbrella Rank: 38591
740 B
2 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 438
87 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1299
201 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1680
15 KB
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 657
381 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 958
452 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 472
273 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 352
239 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1220
213 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1074
418 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1484
331 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
265 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 690
394 B
1 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1394
175 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1255
402 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 505
695 B
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 164
300 B
1 eloqua.com
s771189855.t.eloqua.com
760 B
1 chiefs.com
app.e.chiefs.com
515 B
0 netmng.com Failed
adb2waycm-atl.netmng.com Failed
72 37
Domain Requested by
14 dpm.demdex.net 2 redirects shp.csharmony.epsilon.com
12 pixel.everesttech.net 6 redirects shp.csharmony.epsilon.com
12 shp.csharmony.epsilon.com shp.csharmony.epsilon.com
9 cm.g.doubleclick.net 8 redirects shp.csharmony.epsilon.com
8 sync-tm.everesttech.net 8 redirects
8 cm.everesttech.net 8 redirects
6 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com shp.csharmony.epsilon.com
www.gstatic.com
www.google.com
3 s.amazon-adsystem.com 2 redirects
3 ib.adnxs.com 2 redirects shp.csharmony.epsilon.com
3 www.facebook.com shp.csharmony.epsilon.com
2 sync.search.spotxchange.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects shp.csharmony.epsilon.com
2 gum.criteo.com 2 redirects
2 ups.analytics.yahoo.com 1 redirects
2 pm.w55c.net 2 redirects
2 loadm.exelator.com 2 redirects
2 nfl.demdex.net assets.adobedtm.com
2 connect.facebook.net shp.csharmony.epsilon.com
connect.facebook.net
2 smetrics.nfl.com 1 redirects assets.adobedtm.com
2 images.harmony.epsilon.com shp.csharmony.epsilon.com
2 assets.adobedtm.com shp.csharmony.epsilon.com
assets.adobedtm.com
1 ping.chartbeat.net
1 static.chartbeat.com shp.csharmony.epsilon.com
1 evt.undertone.com 1 redirects
1 ads.undertone.com 1 redirects
1 trc.taboola.com shp.csharmony.epsilon.com
1 image2.pubmatic.com shp.csharmony.epsilon.com
1 us-u.openx.net shp.csharmony.epsilon.com
1 pixel.rubiconproject.com shp.csharmony.epsilon.com
1 ads.yahoo.com shp.csharmony.epsilon.com
1 odr.mookie1.com shp.csharmony.epsilon.com
1 cms.analytics.yahoo.com 1 redirects
1 ps.eyeota.net 1 redirects
1 pixel.advertising.com 1 redirects
1 match.adsrvr.org shp.csharmony.epsilon.com
1 analytics.twitter.com shp.csharmony.epsilon.com
1 x.dlx.addthis.com 1 redirects
1 d.turn.com 1 redirects
1 fonts.gstatic.com www.google.com
1 load77.exelator.com shp.csharmony.epsilon.com
1 sync.mathtag.com 1 redirects
1 sb.scorecardresearch.com shp.csharmony.epsilon.com
1 s771189855.t.eloqua.com 1 redirects
1 app.e.chiefs.com 1 redirects
0 adb2waycm-atl.netmng.com Failed shp.csharmony.epsilon.com
72 46

This site contains links to these domains. Also see Links.

Domain
www.nfl.com
www.bundesliga.com
Subject Issuer Validity Valid
*.csharmony.epsilon.com
Entrust Certification Authority - L1K		 2022-08-02 -
2023-08-31		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
images.harmony.epsilon.com
Entrust Certification Authority - L1K		 2022-08-30 -
2023-09-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
smetrics.nfl.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-28 -
2023-08-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-23 -
2023-05-24		 3 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh

This page contains 4 frames:

Primary Page: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Frame ID: 8B9878FB125DC0607504BF7491F8F981
Requests: 29 HTTP requests in this frame

Frame: https://nfl.demdex.net/dest5.html?d_nsid=0
Frame ID: 5071A3704A9F7CF54E1D907AB193BB1B
Requests: 34 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEEzwUAAAAALbpZxjrrZZKZl655Fmuq3jS2Lw9&co=aHR0cHM6Ly9zaHAuY3NoYXJtb255LmVwc2lsb24uY29tOjQ0Mw..&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=normal&cb=9ieaq05sftgf
Frame ID: 1FA222B82FBB60D9589173BFF0B22778
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&k=6LfEEzwUAAAAALbpZxjrrZZKZl655Fmuq3jS2Lw9
Frame ID: 1E03F0B368DF202AB2C00CD198EFCBE1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ticketinfos für Deutschland 2023

Page URL History Show full URLs

  1. http://app.e.chiefs.com/e/er?s=771189855&lid=1790&elqTrackId=666BFEE66110A2B9389223820E304D03&elq=15... HTTP 302
    https://s771189855.t.eloqua.com/e/er?s=771189855&lid=1790&elqTrackId=666BFEE66110A2B9389223820E304D03&elq=15... HTTP 302
    https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

72
Requests

56 %
HTTPS

25 %
IPv6

37
Domains

46
Subdomains

31
IPs

7
Countries

2774 kB
Transfer

4452 kB
Size

48
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.e.chiefs.com/e/er?s=771189855&lid=1790&elqTrackId=666BFEE66110A2B9389223820E304D03&elq=15f69d2f9b35462ca8726571cd6a135f&elqaid=4877&elqat=1 HTTP 302
    https://s771189855.t.eloqua.com/e/er?s=771189855&lid=1790&elqTrackId=666BFEE66110A2B9389223820E304D03&elq=15f69d2f9b35462ca8726571cd6a135f&elqaid=4877&elqat=1 HTTP 302
    https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://dpm.demdex.net/id?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684261430212 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684261430212
Request Chain 11
  • https://cm.everesttech.net/cm/dd?d_uuid=52903891180373470673609400285940245876 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZGPKNgAAAMlnOgN-
Request Chain 20
  • https://smetrics.nfl.com/b/ss/cbsnfl/1/JS-2.1.0-D7QN/s03232252629872?AQB=1&ndh=1&pf=1&t=16%2F4%2F2023%2018%3A23%3A50%202%200&D=D%3D&mid=52694288578243927723629007469324048843&aamlh=6&ce=UTF-8&ns=nfl&pageName=nfl.com%3Amunich%20game%3Aregister%3Alanding&g=https%3A%2F%2Fshp.csharmony.epsilon.com%2Fpages%2FNFL_US%2F2023_Germany_ROI%2F%3Fck%3D&c.&visitorAPI=VisitorAPI%20Present&.c&ch=munich%20game&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&h1=nfl.com%7Cmunich%20game%7Cregister%7Clanding&c2=register&v2=nfl.com%3Amunich%20game%3Aregister%3Alanding&c3=landing&v3=munich%20game&c5=D%3Dv4&v6=First%20Visit&c8=D%3Dv3&v8=landing&v14=register&c21=First%20Visit&c22=cbsnfl&v24=responsive&v25=D%3Dc22&c27=D%3Dv43&c33=D%3Dv33&v33=nfl.com&c48=pv&c49=Non%20ATM%20Sites%7Cv20170817%7C2.1.0%7C2.1.0%7C2019-09-17%2023%3A22%3A26%20UTC%7CServer%20Side%20ID%7CTarget%20Version%20Not%20Available&v49=ck%3D&c50=D%3Dmid&c51=D%3Dv49&c52=nfl.com%3Amunich%20game%3Aregister%3Alanding&v57=https%3A%2F%2Fshp.csharmony.epsilon.com%2Fpages%2FNFL_US%2F2023_Germany_ROI%2F&c67=Ticketinfos%20f%C3%BCr%20Deutschland%202023&c72=D%3Dv57&c73=D%3Dv73&v73=shp.csharmony.epsilon.com&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F75C3025512D2C1D0A490D44%40AdobeOrg&AQE=1 HTTP 302
  • https://sb.scorecardresearch.com/r?c2=3005386&d.c=gif&d.o=cbsnfl&d.x=2690724622&d.t=page&d.u=https%3A%2F%2Fshp.csharmony.epsilon.com%2Fpages%2FNFL_US%2F2023_Germany_ROI%2F%3Fck%3D
Request Chain 27
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=52903891180373470673609400285940245876&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d52903891180373470673609400285940245876 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=015b6463-ca36-4600-8a8e-6d8dc898a1d4&ddsuuid=52903891180373470673609400285940245876
Request Chain 28
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=52903891180373470673609400285940245876 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=52903891180373470673609400285940245876&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 29
  • https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
  • https://dpm.demdex.net/ibs:dpid=359&dpuuid=xoMkJpFk1PYZkW5
Request Chain 30
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=1155442148896956080
Request Chain 36
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=9191615231000692315
Request Chain 37
  • https://x.dlx.addthis.com/e/demdex_sync?na_exid=52903891180373470673609400285940245876&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023051618235100027872697404
Request Chain 42
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTI5MDM4OTExODAzNzM0NzA2NzM2MDk0MDAyODU5NDAyNDU4NzY= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTI5MDM4OTExODAzNzM0NzA2NzM2MDk0MDAyODU5NDAyNDU4NzY=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKkBZ4QyEGNNAX8G19fMZDw&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 46
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkdQS05nQUFBTWxuT2dOLQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESELAgZJjkxW-FBeHBPrYVoPs&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 47
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkdQS05nQUFBTWxuT2dOLQ&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESELAgZJjkxW-FBeHBPrYVoPs&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 48
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkdQS05nQUFBTWxuT2dOLQ&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060 HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D2634060der%253D51%2526seg%253D2634060&google_gid=CAESELAgZJjkxW-FBeHBPrYVoPs&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 49
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkdQS05nQUFBTWxuT2dOLQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782 HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2526v%253D11782&google_gid=CAESELAgZJjkxW-FBeHBPrYVoPs&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 50
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkdQS05nQUFBTWxuT2dOLQ&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggybackCookie%253D__EFGSURFER__.__EFGCK__&google_gid=CAESELAgZJjkxW-FBeHBPrYVoPs&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 52
  • https://pixel.advertising.com/ups/28/sync?uid=52903891180373470673609400285940245876&_origin=1&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/28/sync?uid=52903891180373470673609400285940245876&_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/28/sync?uid=52903891180373470673609400285940245876&_origin=1&redir=true&verify=true
Request Chain 53
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkdQS05nQUFBTWxuT2dOLQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__ HTTP 302
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_gid=CAESELAgZJjkxW-FBeHBPrYVoPs&google_cver=1 HTTP 302
  • https://pixel.everesttech.net/1x1
Request Chain 54
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=LgG6uIY-Dk0GoeOG_ZR3HMxo6R7EYTvf&gdpr=0&gdpr_consent=
Request Chain 55
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=52903891180373470673609400285940245876&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 56
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=52903891180373470673609400285940245876&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=
Request Chain 58
  • https://cm.everesttech.net/cm/yh HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZGPKNgAAAMlnOgN-&sigv=1&esig=1~99a43862cfeec8ce50802bf8a52027e4245e03b4
Request Chain 59
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkdQS05nQUFBTWxuT2dOLQ==
Request Chain 60
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZGPKNgAAAMlnOgN-&expires=90
Request Chain 61
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGPKNgAAAMlnOgN- HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGPKNgAAAMlnOgN-&C=1
Request Chain 62
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=ZGPKNgAAAMlnOgN-
Request Chain 63
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZGPKNgAAAMlnOgN-
Request Chain 64
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZGPKNgAAAMlnOgN-
Request Chain 65
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZGPKNgAAAMlnOgN-&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZGPKNgAAAMlnOgN-&img=1&__user_check__=1&sync_id=cee5062f-f416-11ed-9268-1d21b9eb0206
Request Chain 66
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZGPKNgAAAMlnOgN-&t=2592000&o=0
Request Chain 68
  • https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 307
  • https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
Request Chain 69
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=Cw09xYDnSBmpInyZ_ZfIGQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=52903891180373470673609400285940245876

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/
Redirect Chain
  • http://app.e.chiefs.com/e/er?s=771189855&lid=1790&elqTrackId=666BFEE66110A2B9389223820E304D03&elq=15f69d2f9b35462ca8726571cd6a135f&elqaid=4877&elqat=1
  • https://s771189855.t.eloqua.com/e/er?s=771189855&lid=1790&elqTrackId=666BFEE66110A2B9389223820E304D03&elq=15f69d2f9b35462ca8726571cd6a135f&elqaid=4877&elqat=1
  • https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
35 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.167.76.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-76-98.us-west-2.compute.amazonaws.com
Software
nginx / ASP.NET
Resource Hash
2e0008344d2852b9a7783cc2989b5564096f15997b054c81f65826a22991556f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 16 May 2023 18:23:49 GMT
expires
-1
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET
x-request-id
cbf5807383da4794b91172aca1ec6f48

Redirect headers

Cache-Control
no-store
Content-Length
185
Content-Type
text/html; charset=utf-8
Date
Tue, 16 May 2023 18:23:47 GMT
Expires
-1
Location
https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-Xss-Protection
1; mode=block
Germany_ROI_CSS_2023.css
shp.csharmony.epsilon.com/Pages/Content/css/5086/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://shp.csharmony.epsilon.com/Pages/Content/css/5086/Germany_ROI_CSS_2023.css
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.167.76.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-76-98.us-west-2.compute.amazonaws.com
Software
nginx / ASP.NET
Resource Hash
c7bc61e9f825611a167d9b21b74b328c584a927dfe9c78210427f72f3c34fb4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 18:23:50 GMT
content-encoding
gzip
x-powered-by
ASP.NET
content-length
4083
x-request-id
6de88a621f8dd3782bd065e32368fdec
pragma
no-cache
last-modified
Wed, 18 Jan 2023 17:49:52 GMT
server
nginx
etag
"0a03244652bd91:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
referer
https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
accept-ranges
bytes
expires
-1
satelliteLib-4a41a0c59216f4b33fd03070ff9192036866370d.js
assets.adobedtm.com/d51a64fedd178a47928591706cfcb7e883ce6cca/ 		137 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/d51a64fedd178a47928591706cfcb7e883ce6cca/satelliteLib-4a41a0c59216f4b33fd03070ff9192036866370d.js
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
239fec1d9240aa7c676d08324254d36b735088e3c8d4d125e0e6b1c30f03e4cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 18:23:49 GMT
content-encoding
gzip
last-modified
Tue, 17 Sep 2019 23:22:28 GMT
server
AkamaiNetStorage
etag
"c0bd00f46c6add77421ae6bdab74abd4:1568762548.529559"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://shp.csharmony.epsilon.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
38868
expires
Tue, 16 May 2023 19:23:49 GMT
jquery
shp.csharmony.epsilon.com/pages/bundles/ 		91 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shp.csharmony.epsilon.com/pages/bundles/jquery
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.167.76.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-76-98.us-west-2.compute.amazonaws.com
Software
nginx / ASP.NET
Resource Hash
4f7602d5c90b10fe90158dec644785df672c2f340257b04b21884e03ea0e7e32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 18:23:50 GMT
content-encoding
gzip
server
nginx
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
referer
https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
x-request-id
dec3486fa06099da376823c2245dd09a
expires
-1
cust
shp.csharmony.epsilon.com/pages/bundles/jquery/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shp.csharmony.epsilon.com/pages/bundles/jquery/cust
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.167.76.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-76-98.us-west-2.compute.amazonaws.com
Software
nginx / ASP.NET
Resource Hash
96a0ec4c1087b4969c0acacbf4b88a81fc55d173dc898396341fff651b1803db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 18:23:50 GMT
content-encoding
gzip
server
nginx
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
referer
https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
x-request-id
0d30151306f63d6c6f731c758a8a3dd4
expires
-1
jqueryui
shp.csharmony.epsilon.com/pages/bundles/ 		194 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shp.csharmony.epsilon.com/pages/bundles/jqueryui
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.167.76.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-76-98.us-west-2.compute.amazonaws.com
Software
nginx / ASP.NET
Resource Hash
d34d6db965fce3768a5d98606ef759b4d9d6b8157d60922c3ee6c6ceb9c7ec28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 18:23:50 GMT
content-encoding
gzip
server
nginx
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
referer
https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
x-request-id
693900f0916b99b84c917be48bd6bdf6
expires
-1
jqueryval
shp.csharmony.epsilon.com/pages/bundles/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shp.csharmony.epsilon.com/pages/bundles/jqueryval
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.167.76.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-76-98.us-west-2.compute.amazonaws.com
Software
nginx / ASP.NET
Resource Hash
bc36f104dddc05eadedda4274ff6effceed5d4aea9c9dd79fdd11cec39fa6c64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 18:23:50 GMT
content-encoding
gzip
server
nginx
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
referer
https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
x-request-id
6539362ce61aa15a4b48ff3bc358eefb
expires
-1
modernizr
shp.csharmony.epsilon.com/pages/bundles/ 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shp.csharmony.epsilon.com/pages/bundles/modernizr
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.167.76.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-76-98.us-west-2.compute.amazonaws.com
Software
nginx / ASP.NET
Resource Hash
cf37d2687ee009f918cec9ef91f4817e8a05de46ca47dbfb01478a96ee3cc300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
content-encoding
gzip
server
nginx
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
referer
https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
x-request-id
10c25376c06409e4865fed2070063a2d
expires
-1
images
images.harmony.epsilon.com/ContentHandler/ 		204 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.harmony.epsilon.com/ContentHandler/images?id=9b3a7154-26fe-4618-a28e-fdd9f0ec9a03
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-73.deploy.static.akamaitechnologies.com
Software
Server /
Resource Hash
5139117cf389289ad62c8f4440f4e9370589c2e8c45beeef8bfd01e16a79ac6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 18:23:50 GMT
Server
Server
Connection
keep-alive
x-robots-tag
noindex
Content-Length
208607
Content-Type
image/png
api.js
www.google.com/recaptcha/ 		850 B
874 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1571f698f46bf76a622724fbd7e1e9f29c4233a986862126d59aee98b8a452bf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 18:23:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
554
x-xss-protection
1; mode=block
expires
Tue, 16 May 2023 18:23:50 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684261430212
  • https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684261430212
7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684261430212
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a8cf5ff523a987b9fd065c8272104bf7c1b36d1dd5825ff1a105f93982b53be3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-0d6777522.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
EB1T55ZKQME=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://shp.csharmony.epsilon.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2015
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v048-08f7bcca1.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
XhGvwublQN8=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://shp.csharmony.epsilon.com
Location
https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F75C3025512D2C1D0A490D44%40AdobeOrg&d_nsid=0&ts=1684261430212
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
id
smetrics.nfl.com/ 		48 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.nfl.com/id?d_visid_ver=2.1.0&d_fieldgroup=A&mcorgid=F75C3025512D2C1D0A490D44%40AdobeOrg&mid=52694288578243927723629007469324048843&ts=1684261430423
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d51a64fedd178a47928591706cfcb7e883ce6cca/satelliteLib-4a41a0c59216f4b33fd03070ff9192036866370d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-135.data.adobedc.net
Software
jag /
Resource Hash
6bfe87828e11c5cb1f39732b3df0aa91b7313fbb9a39737e33fa5def9126e526
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shp.csharmony.epsilon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 16 May 2023 18:23:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://shp.csharmony.epsilon.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZGPKNgAAAMlnOgN-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=52903891180373470673609400285940245876
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZGPKNgAAAMlnOgN-
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZGPKNgAAAMlnOgN-
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-05e9a70ea.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
pb3iWzRmS6g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZGPKNgAAAMlnOgN-
Date
Tue, 16 May 2023 18:23:50 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 16 May 2023 18:23:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27538
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Itu1apSy1OF9UlAcYGCUDnygxLphxTg8ViH1I1yAfdG9Mb/5wEn+y7iWnvnS+Lb+GsYkDoIvJ8Ztln0Eca6vGw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), gyroscope=(), hid=(), magnetometer=(), midi=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
s-code-contents-601fde7cf531266445344b831cb7366de037cc1c.js
assets.adobedtm.com/d51a64fedd178a47928591706cfcb7e883ce6cca/ 		145 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/d51a64fedd178a47928591706cfcb7e883ce6cca/s-code-contents-601fde7cf531266445344b831cb7366de037cc1c.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d51a64fedd178a47928591706cfcb7e883ce6cca/satelliteLib-4a41a0c59216f4b33fd03070ff9192036866370d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d5e2bb535ad59d697157aa17a14eb0b3a135f6f00d1a703b4025e9e1ebd8b6e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 18:23:50 GMT
content-encoding
gzip
last-modified
Tue, 17 Sep 2019 23:22:29 GMT
server
AkamaiNetStorage
etag
"574dc188df610ecd8a8ed0d1e0cdbde4:1568762548.950495"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://shp.csharmony.epsilon.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
49019
expires
Tue, 16 May 2023 19:23:50 GMT
images
images.harmony.epsilon.com/ContentHandler/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.harmony.epsilon.com/ContentHandler/images?id=d6e0eeed-9225-4bd6-af04-d8f024dabc01
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/Pages/Content/css/5086/Germany_ROI_CSS_2023.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-73.deploy.static.akamaitechnologies.com
Software
Server /
Resource Hash
110d5bc117146fcb414efda120522d1dc7ee5c4449f711e13e264a53bc2a7150

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 18:23:50 GMT
Server
Server
Connection
keep-alive
x-robots-tag
noindex
Content-Length
1591438
Content-Type
image/jpeg
EndzoneSans-Light.woff2
shp.csharmony.epsilon.com/Pages/content/fonts/5086/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://shp.csharmony.epsilon.com/Pages/content/fonts/5086/EndzoneSans-Light.woff2
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/Pages/Content/css/5086/Germany_ROI_CSS_2023.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.167.76.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-76-98.us-west-2.compute.amazonaws.com
Software
nginx / ASP.NET
Resource Hash

Request headers

Referer
https://shp.csharmony.epsilon.com/Pages/Content/css/5086/Germany_ROI_CSS_2023.css
Origin
https://shp.csharmony.epsilon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
referer
https://shp.csharmony.epsilon.com/Pages/Content/css/5086/Germany_ROI_CSS_2023.css
x-request-id
cea6237ba57ded5948a1c95f5c693abc
expires
-1
EndzoneTechCond-Bold.woff2
shp.csharmony.epsilon.com/Pages/content/fonts/5086/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://shp.csharmony.epsilon.com/Pages/content/fonts/5086/EndzoneTechCond-Bold.woff2
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/Pages/Content/css/5086/Germany_ROI_CSS_2023.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.167.76.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-76-98.us-west-2.compute.amazonaws.com
Software
nginx / ASP.NET
Resource Hash

Request headers

Referer
https://shp.csharmony.epsilon.com/Pages/Content/css/5086/Germany_ROI_CSS_2023.css
Origin
https://shp.csharmony.epsilon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
content-encoding
gzip
server
nginx
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
referer
https://shp.csharmony.epsilon.com/Pages/Content/css/5086/Germany_ROI_CSS_2023.css
x-request-id
519d9dd38a75efbd7abbf7c4ae795563
expires
-1
EndzoneSansMedium.woff2
shp.csharmony.epsilon.com/Pages/content/fonts/5086/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shp.csharmony.epsilon.com/Pages/content/fonts/5086/EndzoneSansMedium.woff2
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/Pages/Content/css/5086/Germany_ROI_CSS_2023.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.167.76.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-76-98.us-west-2.compute.amazonaws.com
Software
nginx / ASP.NET
Resource Hash
997eec71eae0660bc6573df9db625845ef96c2fd6c48a26a98d5f76d80f1bf1a

Request headers

Referer
https://shp.csharmony.epsilon.com/Pages/Content/css/5086/Germany_ROI_CSS_2023.css
Origin
https://shp.csharmony.epsilon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
last-modified
Tue, 16 Oct 2018 10:44:28 GMT
server
nginx
etag
"0e5c363d65d41:0"
x-powered-by
ASP.NET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
referer
https://shp.csharmony.epsilon.com/Pages/Content/css/5086/Germany_ROI_CSS_2023.css
accept-ranges
bytes
content-length
8524
x-request-id
bf0f0ad6a7c4e5ed8ea573cbf994104f
expires
-1
dest5.html
nfl.demdex.net/ Frame 5071 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nfl.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d51a64fedd178a47928591706cfcb7e883ce6cca/satelliteLib-4a41a0c59216f4b33fd03070ff9192036866370d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.141.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-141-47.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://shp.csharmony.epsilon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v048-090422bc6.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
0sgbdXA2Th8=
content-encoding
gzip
date
Tue, 16 May 2023 18:23:50 GMT
last-modified
Wed, 10 May 2023 10:46:19 GMT
vary
accept-encoding
event
nfl.demdex.net/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nfl.demdex.net/event?_ts=1684261430712
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/d51a64fedd178a47928591706cfcb7e883ce6cca/s-code-contents-601fde7cf531266445344b831cb7366de037cc1c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.141.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-141-47.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
689395b105e06e2e8786658670ca4425da281af8f91ccfdad053bd07837d7a62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://shp.csharmony.epsilon.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v048-0fb6c8458.edge-irl1.demdex.com 8 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
RMkODgulSAM=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://shp.csharmony.epsilon.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1926
Expires
Thu, 01 Jan 1970 00:00:00 UTC
r
sb.scorecardresearch.com/
Redirect Chain
  • https://smetrics.nfl.com/b/ss/cbsnfl/1/JS-2.1.0-D7QN/s03232252629872?AQB=1&ndh=1&pf=1&t=16%2F4%2F2023%2018%3A23%3A50%202%200&D=D%3D&mid=52694288578243927723629007469324048843&aamlh=6&ce=UTF-8&ns=nf...
  • https://sb.scorecardresearch.com/r?c2=3005386&d.c=gif&d.o=cbsnfl&d.x=2690724622&d.t=page&d.u=https%3A%2F%2Fshp.csharmony.epsilon.com%2Fpages%2FNFL_US%2F2023_Germany_ROI%2F%3Fck%3D
43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/r?c2=3005386&d.c=gif&d.o=cbsnfl&d.x=2690724622&d.t=page&d.u=https%3A%2F%2Fshp.csharmony.epsilon.com%2Fpages%2FNFL_US%2F2023_Germany_ROI%2F%3Fck%3D
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Server
13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-23.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 18:23:50 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P3
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
uadlc6wNzXIMFuKZ6zJbrRq3k6qQbjQkj9yYXb00upU0aPpuizxsaw==

Redirect headers

date
Tue, 16 May 2023 18:23:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 17 May 2023 18:23:50 GMT
server
jag
etag
3616923880430632960-4619739295298133767
vary
*
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
location
https://sb.scorecardresearch.com/r?c2=3005386&d.c=gif&d.o=cbsnfl&d.x=2690724622&d.t=page&d.u=https%3A%2F%2Fshp.csharmony.epsilon.com%2Fpages%2FNFL_US%2F2023_Germany_ROI%2F%3Fck%3D
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 15 May 2023 18:23:50 GMT
1171861479503898
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1171861479503898?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
18b1fd1e2d45dcebd7cf4fc0394a76621870779290823b33f11efafa005985da
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 16 May 2023 18:23:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
109962
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
asoUiN97JxDYFVgU6KIDcPpF1iNzdTKCasBMJsoOX2ubnDuqnDT7KH1dfvk6DZAppxZbuyWgu+6+P9/i3oMugA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), gyroscope=(), magnetometer=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ 		411 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6996e2a02589f4ffe5d4279d5e2441ba1213a47957c1882a755b1403a0ea67d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shp.csharmony.epsilon.com/
Origin
https://shp.csharmony.epsilon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168053
x-xss-protection
0
last-modified
Mon, 08 May 2023 04:06:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 May 2024 13:07:05 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1171861479503898&ev=PageView&dl=https%3A%2F%2Fshp.csharmony.epsilon.com%2Fpages%2FNFL_US%2F2023_Germany_ROI%2F%3Fck%3D&rl=&if=false&ts=1684261430755&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1684261430754.188651863&cs_est=true&it=1684261430719&coo=false&rqm=GET
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 16 May 2023 18:23:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
anchor
www.google.com/recaptcha/api2/ Frame 1FA2 		51 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEEzwUAAAAALbpZxjrrZZKZl655Fmuq3jS2Lw9&co=aHR0cHM6Ly9zaHAuY3NoYXJtb255LmVwc2lsb24uY29tOjQ0Mw..&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=normal&cb=9ieaq05sftgf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
810ea31eeeab58f92b62d1f6f0e0758c035a86b9090bd3f8311b41e320827a1c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GTYL3FXrasuLwHN7TVuySQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shp.csharmony.epsilon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
28512
content-security-policy
script-src 'report-sample' 'nonce-GTYL3FXrasuLwHN7TVuySQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 16 May 2023 18:23:50 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame 1FA2 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEEzwUAAAAALbpZxjrrZZKZl655Fmuq3jS2Lw9&co=aHR0cHM6Ly9zaHAuY3NoYXJtb255LmVwc2lsb24uY29tOjQ0Mw..&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=normal&cb=9ieaq05sftgf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 18:20:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
191
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 08 May 2023 04:06:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 May 2024 18:20:39 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame 1FA2 		411 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEEzwUAAAAALbpZxjrrZZKZl655Fmuq3jS2Lw9&co=aHR0cHM6Ly9zaHAuY3NoYXJtb255LmVwc2lsb24uY29tOjQ0Mw..&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=normal&cb=9ieaq05sftgf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6996e2a02589f4ffe5d4279d5e2441ba1213a47957c1882a755b1403a0ea67d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19005
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168053
x-xss-protection
0
last-modified
Mon, 08 May 2023 04:06:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 May 2024 13:07:05 GMT
ibs:dpid=269&dpuuid=015b6463-ca36-4600-8a8e-6d8dc898a1d4&ddsuuid=52903891180373470673609400285940245876
dpm.demdex.net/ Frame 5071
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=52903891180373470673609400285940245876&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d52903891180373...
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=015b6463-ca36-4600-8a8e-6d8dc898a1d4&ddsuuid=52903891180373470673609400285940245876
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=269&dpuuid=015b6463-ca36-4600-8a8e-6d8dc898a1d4&ddsuuid=52903891180373470673609400285940245876
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-08ae13595.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
KhmCHDsxTPo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Tue, 16 May 2023 18:23:51 GMT
Server
MT3 851 9bd98ae master zrh-pixel-x4 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dpm.demdex.net/ibs:dpid=269&dpuuid=015b6463-ca36-4600-8a8e-6d8dc898a1d4&ddsuuid=52903891180373470673609400285940245876
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 16 May 2023 18:23:50 GMT
pixel.gif
load77.exelator.com/ Frame 5071
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=52903891180373470673609400285940245876
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=52903891180373470673609400285940245876&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 16 May 2023 18:23:51 GMT
x-cache
HIT
x-77-cache
HIT
x-age
262659
x-accel-date
1683998772
content-length
43
x-77-nzt
AcO1rw7v6Pz/AwIEAA
x-accel-expires
@1685035572
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
etag
"59f0c3fc-2b"
x-77-nzt-ray
90833930a487dc4b37ca63643a012a09
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes

Redirect headers

date
Tue, 16 May 2023 18:23:51 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
ibs:dpid=359&dpuuid=xoMkJpFk1PYZkW5
dpm.demdex.net/ Frame 5071
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
  • https://dpm.demdex.net/ibs:dpid=359&dpuuid=xoMkJpFk1PYZkW5
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=359&dpuuid=xoMkJpFk1PYZkW5
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-097ddbfc8.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
FuogGtD9QcQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Tue, 16 May 2023 18:23:50 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0943143fd00beb9c6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dpm.demdex.net/ibs:dpid=359&dpuuid=xoMkJpFk1PYZkW5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=358&dpuuid=1155442148896956080
dpm.demdex.net/ Frame 5071
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=1155442148896956080
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1155442148896956080
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-076739d48.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qcSPy1k8Q1k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Tue, 16 May 2023 18:23:51 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.10; 217.64.151.10; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0fd992a6-082f-42d8-9bfe-022e6252ea32
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1155442148896956080
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 1FA2 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1FA2 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1FA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 22:52:35 GMT
x-content-type-options
nosniff
age
243076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 20 May 2023 22:52:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1FA2 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEEzwUAAAAALbpZxjrrZZKZl655Fmuq3jS2Lw9&co=aHR0cHM6Ly9zaHAuY3NoYXJtb255LmVwc2lsb24uY29tOjQ0Mw..&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=normal&cb=9ieaq05sftgf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 23:28:35 GMT
x-content-type-options
nosniff
age
240916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 23:28:35 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 1FA2 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=wqcyhEwminqmAoT8QO_BkXCr
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEEzwUAAAAALbpZxjrrZZKZl655Fmuq3jS2Lw9&co=aHR0cHM6Ly9zaHAuY3NoYXJtb255LmVwc2lsb24uY29tOjQ0Mw..&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=normal&cb=9ieaq05sftgf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b9b41bbb484aeedab598c24291942c8c2d0af98bdba3b430bf8fcd2cb709198a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEEzwUAAAAALbpZxjrrZZKZl655Fmuq3jS2Lw9&co=aHR0cHM6Ly9zaHAuY3NoYXJtb255LmVwc2lsb24uY29tOjQ0Mw..&hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&size=normal&cb=9ieaq05sftgf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 18:23:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
1; mode=block
expires
Tue, 16 May 2023 18:23:51 GMT
ibs:dpid=470&dpuuid=9191615231000692315
dpm.demdex.net/ Frame 5071
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=9191615231000692315
42 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=9191615231000692315
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcscanary-prod-irl1-1-v058-05f465e01.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
YA7Jxcp6TzI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=9191615231000692315
pragma
no-cache
date
Tue, 16 May 2023 18:23:50 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ibs:dpid=134096&dpuuid=2023051618235100027872697404
dpm.demdex.net/ Frame 5071
Redirect Chain
  • https://x.dlx.addthis.com/e/demdex_sync?na_exid=52903891180373470673609400285940245876&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023051618235100027872697404
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023051618235100027872697404
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-077362add.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
gLIFXAE0Tmo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2023051618235100027872697404
pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Tue, 16 May 2023 18:23:51 GMT
EndzoneSans-Light.woff
shp.csharmony.epsilon.com/Pages/content/fonts/5086/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shp.csharmony.epsilon.com/Pages/content/fonts/5086/EndzoneSans-Light.woff
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/Pages/Content/css/5086/Germany_ROI_CSS_2023.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.167.76.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-76-98.us-west-2.compute.amazonaws.com
Software
nginx / ASP.NET
Resource Hash
7f60027a52f7b89756668bbd4ecfbf1eff6c9cad7128674aac9a83a9e1572bb2

Request headers

Referer
https://shp.csharmony.epsilon.com/Pages/Content/css/5086/Germany_ROI_CSS_2023.css
Origin
https://shp.csharmony.epsilon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
last-modified
Wed, 07 Nov 2018 17:50:40 GMT
server
nginx
etag
"0188c65c276d41:0"
x-powered-by
ASP.NET
content-type
font/x-woff
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
referer
https://shp.csharmony.epsilon.com/Pages/Content/css/5086/Germany_ROI_CSS_2023.css
accept-ranges
bytes
content-length
11820
x-request-id
fb7f3e907465e8338f0080b7c017943e
expires
-1
bframe
www.google.com/recaptcha/api2/ Frame 1E03 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&k=6LfEEzwUAAAAALbpZxjrrZZKZl655Fmuq3jS2Lw9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
19db2eee8dca72eaaa9f3a8ae30bcb1ea7d4662264956ba59aba0fb33871e501
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vJNDVns61dIk-4WcfMIR1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shp.csharmony.epsilon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1155
content-security-policy
script-src 'report-sample' 'nonce-vJNDVns61dIk-4WcfMIR1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 16 May 2023 18:23:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
EndzoneTechCond-Bold.woff
shp.csharmony.epsilon.com/Pages/content/fonts/5086/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shp.csharmony.epsilon.com/Pages/content/fonts/5086/EndzoneTechCond-Bold.woff
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/Pages/Content/css/5086/Germany_ROI_CSS_2023.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.167.76.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-76-98.us-west-2.compute.amazonaws.com
Software
nginx / ASP.NET
Resource Hash
d712d3d5f8acd4fe9fed3c25a0224545c379a5e555ad493ea4849209de92148a

Request headers

Referer
https://shp.csharmony.epsilon.com/Pages/Content/css/5086/Germany_ROI_CSS_2023.css
Origin
https://shp.csharmony.epsilon.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
last-modified
Wed, 07 Nov 2018 17:50:44 GMT
server
nginx
etag
"072ee67c276d41:0"
x-powered-by
ASP.NET
content-type
font/x-woff
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0
referer
https://shp.csharmony.epsilon.com/Pages/Content/css/5086/Germany_ROI_CSS_2023.css
accept-ranges
bytes
content-length
15096
x-request-id
2ae7be7ef8b0795cf30b919c387ef9fb
expires
-1
/
adb2waycm-atl.netmng.com/cm/ Frame 5071 		0
0
ibs:dpid=771&dpuuid=CAESEKkBZ4QyEGNNAX8G19fMZDw&google_cver=1
dpm.demdex.net/ Frame 5071
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTI5MDM4OTExODAzNzM0NzA2NzM2MDk0MDAyODU5NDAyNDU4NzY=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTI5MDM4OTExODAzNzM0NzA2NzM2MDk0MDAyODU5NDAyNDU4NzY=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKkBZ4QyEGNNAX8G19fMZDw&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKkBZ4QyEGNNAX8G19fMZDw&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-0f7ff0385.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/EuGN777TpQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKkBZ4QyEGNNAX8G19fMZDw&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame 1E03 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&k=6LfEEzwUAAAAALbpZxjrrZZKZl655Fmuq3jS2Lw9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 18:20:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 08 May 2023 04:06:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 May 2024 18:20:39 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ Frame 1E03 		411 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=wqcyhEwminqmAoT8QO_BkXCr&k=6LfEEzwUAAAAALbpZxjrrZZKZl655Fmuq3jS2Lw9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6996e2a02589f4ffe5d4279d5e2441ba1213a47957c1882a755b1403a0ea67d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 13:07:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168053
x-xss-protection
0
last-modified
Mon, 08 May 2023 04:06:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 May 2024 13:07:05 GMT
adsct
analytics.twitter.com/i/ Frame 5071 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=52903891180373470673609400285940245876&p_id=38594
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
113
date
Tue, 16 May 2023 18:23:50 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
d641377d52e712cb
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
2215f21e90870f07dc77b4620d3842d47c2503fa5e15c6524473c71a1389912e
content-length
43
1x1
pixel.everesttech.net/ Frame 5071
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.everesttech.net%2F1x1%3F
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkdQS05nQUFBTWxuT2dOLQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.everesttech.net%252F1x1%253F&google_gid=CAESELAgZJjkxW-FBeHBPrYVoPs&google_cver=1
  • https://pixel.everesttech.net/1x1
128 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
54.155.243.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-243-93.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 18:23:51 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"36b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Tue, 16 May 2023 18:23:51 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
1x1
pixel.everesttech.net/ Frame 5071
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072980%26val%3D__EFGSURFER__.__EFGCK__
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkdQS05nQUFBTWxuT2dOLQ&url=/1/gr%3furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072980%2526val%253D__EFGSURFER__.__EFGCK__&google_gid=CAESEL...
  • https://pixel.everesttech.net/1x1
128 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
54.155.243.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-243-93.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 18:23:51 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Tue, 16 May 2023 18:23:51 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
1x1
pixel.everesttech.net/ Frame 5071
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fib.adnxs.com%2Fpxj%3Faction%3Dsetuid(%27__EFGSURFER__.__EFGCK__%27)%26bidder%3D51%26seg%3D2634060der%3D51%26seg%3D2634060
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkdQS05nQUFBTWxuT2dOLQ&url=/1/gr%3furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%25...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fib.adnxs.com%252Fpxj%253Faction%253Dsetuid(%2527__EFGSURFER__.__EFGCK__%2527)%2526bidder%253D51%2526seg%253D26...
  • https://pixel.everesttech.net/1x1
128 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
54.155.243.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-243-93.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 18:23:51 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Tue, 16 May 2023 18:23:51 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
1x1
pixel.everesttech.net/ Frame 5071
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fexpires%3D30%26nid%3D2181%26put%3D__EFGSURFER__.__EFGCK__%26v%3D11782
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkdQS05nQUFBTWxuT2dOLQ&url=/1/gr%3furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpir...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fpixel.rubiconproject.com%252Ftap.php%253Fexpires%253D30%2526nid%253D2181%2526put%253D__EFGSURFER__.__EFGCK__%2...
  • https://pixel.everesttech.net/1x1
128 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
54.155.243.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-243-93.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 18:23:51 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Tue, 16 May 2023 18:23:51 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
1x1
pixel.everesttech.net/ Frame 5071
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%3D%26piggybackCookie%3D__EFGSURFER__.__EFGCK__
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkdQS05nQUFBTWxuT2dOLQ&url=/1/gr%3furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fv...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI2NjgmdGw9NDMyMDA%253D%2526piggyb...
  • https://pixel.everesttech.net/1x1
128 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
54.155.243.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-243-93.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 18:23:51 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"36b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Tue, 16 May 2023 18:23:51 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
generic
match.adsrvr.org/track/cmf/ Frame 5071 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=shp.csharmony.epsilon.com&ttd_tpi=1
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
ups.analytics.yahoo.com/ups/28/ Frame 5071
Redirect Chain
  • https://pixel.advertising.com/ups/28/sync?uid=52903891180373470673609400285940245876&_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/28/sync?uid=52903891180373470673609400285940245876&_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/28/sync?uid=52903891180373470673609400285940245876&_origin=1&redir=true&verify=true
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/28/sync?uid=52903891180373470673609400285940245876&_origin=1&redir=true&verify=true
Protocol
H2
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 18:23:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/28/sync?uid=52903891180373470673609400285940245876&_origin=1&redir=true&verify=true
date
Tue, 16 May 2023 18:23:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
1x1
pixel.everesttech.net/ Frame 5071
Redirect Chain
  • https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGSURFER__.__EFGCK__
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=WkdQS05nQUFBTWxuT2dOLQ&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id...
  • https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGSURFER__.__EFGCK__&google_...
  • https://pixel.everesttech.net/1x1
128 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.everesttech.net/1x1
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
54.155.243.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-243-93.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 18:23:51 GMT
Last-Modified
Mon, 19 Jul 2021 07:56:25 GMT
Server
Apache
ETag
"b3b521-80-5c775461d9c40"
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT", CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Type
image/png
Cache-Control
no-cache, no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
128

Redirect headers

Location
https://pixel.everesttech.net/1x1
Date
Tue, 16 May 2023 18:23:51 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
ibs:dpid=28645&dpuuid=LgG6uIY-Dk0GoeOG_ZR3HMxo6R7EYTvf&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 5071
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://gum.criteo.com/sync?s=1&c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=LgG6uIY-Dk0GoeOG_ZR3HMxo6R7EYTvf&gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=LgG6uIY-Dk0GoeOG_ZR3HMxo6R7EYTvf&gdpr=0&gdpr_consent=
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-0d6777522.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
nn9S1FwgR3s=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=LgG6uIY-Dk0GoeOG_ZR3HMxo6R7EYTvf&gdpr=0&gdpr_consent=
date
Tue, 16 May 2023 18:23:50 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1210196
content-length
0
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 5071
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=52903891180373470673609400285940245876&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-0629ebd29.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
GMg+GcGtRbc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
303,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Tue, 16 May 2023 18:23:51 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
ibs:dpid=30646
dpm.demdex.net/ Frame 5071
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=52903891180373470673609400285940245876&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=
Protocol
HTTP/1.1
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v048-0fa970038.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
obGk7iLURUw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,300
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Tue, 16 May 2023 18:23:51 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0105.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
content-type
text/html;charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=
content-length
0
v2
odr.mookie1.com/t/ Frame 5071 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_676804&src.visitorId=52903891180373470673609400285940245876&gdpr=0&gdpr_consent=
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 18:23:51 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
v1
ads.yahoo.com/cms/ Frame 5071
Redirect Chain
  • https://cm.everesttech.net/cm/yh
  • https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZGPKNgAAAMlnOgN-&sigv=1&esig=1~99a43862cfeec8ce50802bf8a52027e4245e03b4
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZGPKNgAAAMlnOgN-&sigv=1&esig=1~99a43862cfeec8ce50802bf8a52027e4245e03b4
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 18:23:51 GMT
strict-transport-security
max-age=31536000
cache-control
no-store
x-content-type-options
nosniff
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10001117525&eid=ZGPKNgAAAMlnOgN-&sigv=1&esig=1~99a43862cfeec8ce50802bf8a52027e4245e03b4
Date
Tue, 16 May 2023 18:23:51 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
pixel
cm.g.doubleclick.net/ Frame 5071
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkdQS05nQUFBTWxuT2dOLQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkdQS05nQUFBTWxuT2dOLQ==
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230094-FRA
pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684261431.487911,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WkdQS05nQUFBTWxuT2dOLQ==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 5071
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZGPKNgAAAMlnOgN-&expires=90
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZGPKNgAAAMlnOgN-&expires=90
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by
cache-fra-eddf8230094-FRA
pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684261431.488569,VS0,VE0
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZGPKNgAAAMlnOgN-&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 5071
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGPKNgAAAMlnOgN-
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGPKNgAAAMlnOgN-&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZGPKNgAAAMlnOgN-&C=1
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2023 18:23:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 16 May 2023 18:23:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=88&external_user_id=ZGPKNgAAAMlnOgN-&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
setuid
ib.adnxs.com/ Frame 5071
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=ZGPKNgAAAMlnOgN-
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=ZGPKNgAAAMlnOgN-
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
HTTP/1.1
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2023 18:23:51 GMT
AN-X-Request-Uuid
72a68d65-5845-4949-b60c-bd206a9223b7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.10; 217.64.151.10; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230094-FRA
pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684261431.488013,VS0,VE0
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=ZGPKNgAAAMlnOgN-
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 5071
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZGPKNgAAAMlnOgN-
43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZGPKNgAAAMlnOgN-
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230094-FRA
pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684261431.498208,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZGPKNgAAAMlnOgN-
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 5071
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZGPKNgAAAMlnOgN-
1 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZGPKNgAAAMlnOgN-
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 16 May 2023 18:23:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by
cache-fra-eddf8230094-FRA
pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684261431.498005,VS0,VE0
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZGPKNgAAAMlnOgN-
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 5071
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZGPKNgAAAMlnOgN-&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZGPKNgAAAMlnOgN-&img=1&__user_check__=1&sync_id=cee5062f-f416-11ed-9268-1d21b9eb0206
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZGPKNgAAAMlnOgN-&img=1&__user_check__=1&sync_id=cee5062f-f416-11ed-9268-1d21b9eb0206
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Tue, 16 May 2023 18:23:51 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
127
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 16 May 2023 18:23:51 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=6409&uid=ZGPKNgAAAMlnOgN-&img=1&__user_check__=1&sync_id=cee5062f-f416-11ed-9268-1d21b9eb0206
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
73
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame 5071
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZGPKNgAAAMlnOgN-&t=2592000&o=0
43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZGPKNgAAAMlnOgN-&t=2592000&o=0
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 11:23:51 PDT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
KpzNP3Q6klWFQHtJCJWYIpBYR9/il+l0JGw7JTb8xjb0Crwcyco+fAwqWd/s1w31FzGTAIM5rtIV17Ft+lHU2g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
origin-agent-cluster
?0
cache-control
public, max-age=0
permissions-policy
accelerometer=(), midi=(), screen-wake-lock=()
expires
Tue, 16 May 2023 11:23:51 PDT

Redirect headers

x-served-by
cache-fra-eddf8230094-FRA
pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
via
1.1 varnish
server
Varnish
x-timer
S1684261431.497637,VS0,VE0
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZGPKNgAAAMlnOgN-&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cm
trc.taboola.com/sg/adobe/1/ Frame 5071 		43 B
381 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230125-FRA
server
nginx
x-timer
S1684261432.526066,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ibs:dpid=152416&dpuuid=
dpm.demdex.net/ Frame 5071
Redirect Chain
  • https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
  • https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
Protocol
HTTP/1.1
Server
52.215.114.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-114-201.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v048-0f9a9001c.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
tf6ItUmsQxk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
300,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
location
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
cache-control
private, max-age=0, no-cache
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
vEPDG0SMK1BYEng9m_kAjg4xE3JS26qQNoTat9QYasuzWKojsSDRcQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 5071
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=Cw09xYDnSBmpInyZ_ZfIGQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=52903891180373470673609400285940245876
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=52903891180373470673609400285940245876
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nfl.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2023 18:23:52 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
KYCQBCVDXGPTFTP2FS6K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS
dcs-prod-irl1-1-v048-0d8a0b8fe.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
uCzGhO36TeM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=52903891180373470673609400285940245876
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: shp.csharmony.epsilon.com
URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 01:10:22 GMT
content-encoding
gzip
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
62009
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
SFTqZCm_C2w77gVnH88PUapVDDT_EZMV1SJZXmfvKMDM7ysVhDFlAg==
expires
Wed, 17 May 2023 01:10:22 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=nfl.com&p=%2Fpages%2FNFL_US%2F2023_Germany_ROI%2F%3Fck%3D&u=C_g5oiCGKII2DS6_dO&d=shp.csharmony.epsilon.com&g=53820&g0=munich%20game&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3452&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fshp.csharmony.epsilon.com%2Fpages%2FNFL_US%2F2023_Germany_ROI%2F%3Fck%3D&b=3773&t=DhzoTuBAB37uU3U5-BHmCH7CDUxro&V=139&i=Ticketinfos%20f%C3%BCr%20Deutschland%202023&tz=0&sn=1&sv=BuvheRDegIM6CQGgOKB8zqY9hkz6&sd=1&im=0e030400&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.26.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-26-185.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 16 May 2023 18:23:51 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1171861479503898&ev=Microdata&dl=https%3A%2F%2Fshp.csharmony.epsilon.com%2Fpages%2FNFL_US%2F2023_Germany_ROI%2F%3Fck%3D&rl=&if=false&ts=1684261432263&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Ticketinfos%20f%C3%BCr%20Deutschland%202023%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1684261430754.188651863&it=1684261430719&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shp.csharmony.epsilon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 16 May 2023 18:23:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adb2waycm-atl.netmng.com
URL
https://adb2waycm-atl.netmng.com/cm/

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless function| Visitor object| _satellite object| s_c_il number| s_c_in number| _sf_startpt object| analyticsDataNFLcom function| $ function| jQuery function| LoadParams function| RenderParam function| PreviewLoad function| ReplaceQueryStringParams object| pData boolean| paramRendered function| fbq function| _fbq string| channel object| _sf_async_config object| s string| s_code_version string| pageURL number| socialInterval function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| c_r function| c_rspers function| c_w function| DIL function| AppMeasurement_Module_DIL number| s_objectID number| s_giq number| _sd_prod_script_loc number| _sd_staging_script_loc string| _sd_temp_src string| f0 string| s_tnt object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt object| today object| s_i_cbsnfl object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_897341 function| DP_jQuery_1684261431039 object| html5 object| Modernizr number| _sf_endpt object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY

48 Cookies

Domain/Path Name / Value
.eloqua.com/ Name: ELOQUA
Value: GUID=032624F7A85848A0A59AAE1F02010C56
.eloqua.com/ Name: ELQSTATUS
Value: OK
shp.csharmony.epsilon.com/ Name: ASP.NET_SessionId
Value: tkoykvyfxpfvluldsptfa4un
.demdex.net/ Name: demdex
Value: 52903891180373470673609400285940245876
.epsilon.com/ Name: AMCVS_F75C3025512D2C1D0A490D44%40AdobeOrg
Value: 1
shp.csharmony.epsilon.com/ Name: _sdsat_Site Experience
Value: responsive
.epsilon.com/ Name: s_pers
Value: %20s_lv%3D1684261430703%7C1778869430703%3B%20s_lv_s%3DFirst%2520Visit%7C1684263230703%3B%20s_pv%3Dnfl.com%253Amunich%2520game%253Aregister%253Alanding%7C1684263230705%3B
.epsilon.com/ Name: s_cc
Value: true
.epsilon.com/ Name: _fbp
Value: fb.1.1684261430754.188651863
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZGPKNgAAAMlnOgN-
.dpm.demdex.net/ Name: dpm
Value: 52903891180373470673609400285940245876
.shp.csharmony.epsilon.com/ Name: aam_did
Value: 52903891180373470673609400285940245876
.epsilon.com/ Name: AMCV_F75C3025512D2C1D0A490D44%40AdobeOrg
Value: 1099438348%7CMCIDTS%7C19494%7CMCMID%7C52694288578243927723629007469324048843%7CMCAAMLH-1684866230%7C6%7CMCAAMB-1684866230%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1684268630s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19501%7CvVersion%7C2.1.0
.epsilon.com/ Name: AAMC_nfl_0
Value: AMSYNCSOP%7C411-19501
.w55c.net/ Name: wfivefivec
Value: xoMkJpFk1PYZkW5
.adnxs.com/ Name: uuid2
Value: 1155442148896956080
.mathtag.com/ Name: uuid
Value: 015b6463-ca36-4600-8a8e-6d8dc898a1d4
.exelator.com/ Name: EE
Value: "7c1f634e3261cdd3c27c0f5b1dcf7f3c"
.w55c.net/ Name: matchdmx
Value: 5
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcE82TDNzNgk1djIzDA5JcU42cg82SDNNMkwJTnNPM04eXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQeEl%252BUWb6IhfXxUUpaQyLSopPBR8Reg4AyeIq2Q%253D%253D"
.doubleclick.net/ Name: IDE
Value: AHWqTUnF86RgOF21TE7QH9ApPZax2px1OvS1KGlyglPuIGY7TuXAtXKd5MBFpt9ezNk
.twitter.com/ Name: personalization_id
Value: "v1_c2ws10GSMOP6aNzatfRSfQ=="
.everesttech.net/ Name: ev_sync_ax
Value: 20230516
.everesttech.net/ Name: everest_session_v2
Value: ZGPKNwAAAZg0hHIZ
.turn.com/ Name: uid
Value: 9191615231000692315
.eyeota.net/ Name: SERVERID
Value: 20037~DM
.criteo.com/ Name: uid
Value: 94ec68bd-465d-4b26-9a1b-c30371ef59c3
.everesttech.net/ Name: ev_sync_yh
Value: 20230516
.advertising.com/ Name: A3
Value: d=AQABBDfKY2QCEAvTsMvwM6ZgA8ekkmJ9LoMFEgEBAQEbZWRtZOANyiMA_eMAAA&S=AQAAAmgH8q27ryAKWE1dK23TUMw
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2IlkeStaG!]tbPl1MwL(!R7qUY%icNDErxYWJX(>:hxLX@C!)1O/4]/X%W#.wL5oa9/sZwfzrVaXiW.TWBCu(lOfM!x%xz*VB'%
.demdex.net/ Name: dextp
Value: 269-1-1684261430937|3-1-1684261430942|359-1-1684261430959|358-1-1684261430973|470-1-1684261431035|843-1-1684261431088|640-1-1684261431110|771-1-1684261431122|1123-1-1684261431138|1083-1-1684261431152|1085-1-1684261431181|1086-1-1684261431194|1087-1-1684261431215|1088-1-1684261431230|903-1-1684261431245|6835-1-1684261431260|19913-1-1684261431275|28645-1-1684261431290|30064-1-1684261431306|30646-1-1684261431321|30862-1-1684261431336|83349-1-1684261431351|144230-1-1684261431374|144231-1-1684261431388|144232-1-1684261431405|144233-1-1684261431420|144234-1-1684261431436|144235-1-1684261431451|144236-1-1684261431467|144237-1-1684261431481|147592-1-1684261431496|152416-1-1684261431512|139200-1-1684261431527
.casalemedia.com/ Name: CMID
Value: ZGPKN10LdwENZGfuAUPEwAAA
.casalemedia.com/ Name: CMPS
Value: 1208
.casalemedia.com/ Name: CMPRO
Value: 1208
shp.csharmony.epsilon.com/ Name: AWSALB
Value: iXeOVAvdL+h4hHse9Fum6CKUvyAngBsLzmNtIFKDrw+QUYVwgRqQ/5NA8ms1CsSXivCal+j8WwHiBbO3XZlwYtQTM9GfHAvcSWxd+M6eIL0xBVqOttlvU0NT6TAq
shp.csharmony.epsilon.com/ Name: AWSALBCORS
Value: iXeOVAvdL+h4hHse9Fum6CKUvyAngBsLzmNtIFKDrw+QUYVwgRqQ/5NA8ms1CsSXivCal+j8WwHiBbO3XZlwYtQTM9GfHAvcSWxd+M6eIL0xBVqOttlvU0NT6TAq
.epsilon.com/ Name: s_sess
Value: %20s_ppvl%3Dnfl.com%25253Amunich%252520game%25253Aregister%25253Alanding%252C37%252C37%252C1200%252C1600%252C1200%252C1600%252C1200%252C1%252CP%3B%20s_ppv%3Dnfl.com%25253Amunich%252520game%25253Aregister%25253Alanding%252C35%252C35%252C1200%252C1600%252C1200%252C1600%252C1200%252C1%252CP%3B
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-ZGPKNgAAAMlnOgN-&KRTB&22978-ZGPKNgAAAMlnOgN-&KRTB&23194-ZGPKNgAAAMlnOgN-&KRTB&23209-ZGPKNgAAAMlnOgN-
.pubmatic.com/ Name: PugT
Value: 1684261430
.spotxchange.com/ Name: audience
Value: cee505cd-f416-11ed-9268-1d21b9eb0206
.epsilon.com/ Name: _cb
Value: C_g5oiCGKII2DS6_dO
.epsilon.com/ Name: _chartbeat2
Value: .1684261431608.1684261431608.1.BuvheRDegIM6CQGgOKB8zqY9hkz6.1
.epsilon.com/ Name: _cb_svref
Value: null
.yahoo.com/ Name: A3
Value: d=AQABBDfKY2QCEPAEOrzyp8gYOLbcU1e5qUoFEgEBAQEbZWRtZOANyiMA_eMAAA&S=AQAAAlzFrwmA12Y8aY4rxU6MAlE
.amazon-adsystem.com/ Name: ad-id
Value: A5wsGMlmnkBXjsZG2HYasQk
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.undertone.com/ Name: UTID
Value: 0219bad03fd34e4d8b3a27fd47d7165c
.undertone.com/ Name: UTID_ENC
Value: 4h5wsitmx1g0yek26s1ebsd8

6 Console Messages

Source Level URL
Text
security warning URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=
Message:
Mixed Content: The page at 'https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=' was loaded over HTTPS, but requested an insecure element 'http://images.harmony.epsilon.com/ContentHandler/images?id=9b3a7154-26fe-4618-a28e-fdd9f0ec9a03'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=(Line 233)
Message:
Mixed Content: The page at 'https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=' was loaded over HTTPS, but requested an insecure element 'http://images.harmony.epsilon.com/ContentHandler/images?id=9b3a7154-26fe-4618-a28e-fdd9f0ec9a03'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=(Line 316)
Message:
Mixed Content: The page at 'https://shp.csharmony.epsilon.com/pages/NFL_US/2023_Germany_ROI/?ck=' was loaded over HTTPS, but requested an insecure element 'http://images.harmony.epsilon.com/ContentHandler/images?id=d6e0eeed-9225-4bd6-af04-d8f024dabc01'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://shp.csharmony.epsilon.com/Pages/content/fonts/5086/EndzoneSans-Light.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://shp.csharmony.epsilon.com/Pages/content/fonts/5086/EndzoneTechCond-Bold.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ups.analytics.yahoo.com/ups/28/sync?uid=52903891180373470673609400285940245876&_origin=1&redir=true&verify=true
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adb2waycm-atl.netmng.com
ads.undertone.com
ads.yahoo.com
analytics.twitter.com
app.e.chiefs.com
assets.adobedtm.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.turn.com
dpm.demdex.net
dsum-sec.casalemedia.com
evt.undertone.com
fonts.gstatic.com
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
images.harmony.epsilon.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
nfl.demdex.net
odr.mookie1.com
ping.chartbeat.net
pixel.advertising.com
pixel.everesttech.net
pixel.rubiconproject.com
pm.w55c.net
ps.eyeota.net
s.amazon-adsystem.com
s771189855.t.eloqua.com
sb.scorecardresearch.com
shp.csharmony.epsilon.com
smetrics.nfl.com
static.chartbeat.com
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google.com
www.gstatic.com
x.dlx.addthis.com
adb2waycm-atl.netmng.com
104.244.42.67
13.225.239.84
13.32.99.23
142.250.184.226
147.154.40.231
147.154.43.45
151.101.66.49
18.157.212.150
18.198.69.109
18.66.97.47
185.29.132.241
185.64.189.110
185.80.39.216
185.89.210.212
185.94.180.125
2.23.197.190
212.82.100.182
23.38.98.73
2600:9000:2057:c800:18:1fcd:351:7bc1
2a00:1288:80:807::2
2a00:1450:4001:80b::2003
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2004
2a02:2638:d::d
2a02:26f0:3500:591::1e80
2a02:6ea0:c700::10
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::300
3.125.70.222
3.75.62.37
34.160.236.64
34.193.26.185
34.98.64.218
35.167.76.98
35.71.131.137
46.228.164.13
52.211.51.157
52.215.114.201
52.46.155.104
52.51.141.47
54.155.243.93
63.140.62.135
69.173.144.138
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
110d5bc117146fcb414efda120522d1dc7ee5c4449f711e13e264a53bc2a7150
1571f698f46bf76a622724fbd7e1e9f29c4233a986862126d59aee98b8a452bf
18b1fd1e2d45dcebd7cf4fc0394a76621870779290823b33f11efafa005985da
19db2eee8dca72eaaa9f3a8ae30bcb1ea7d4662264956ba59aba0fb33871e501
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
239fec1d9240aa7c676d08324254d36b735088e3c8d4d125e0e6b1c30f03e4cd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0008344d2852b9a7783cc2989b5564096f15997b054c81f65826a22991556f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f7602d5c90b10fe90158dec644785df672c2f340257b04b21884e03ea0e7e32
5139117cf389289ad62c8f4440f4e9370589c2e8c45beeef8bfd01e16a79ac6a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
689395b105e06e2e8786658670ca4425da281af8f91ccfdad053bd07837d7a62
6996e2a02589f4ffe5d4279d5e2441ba1213a47957c1882a755b1403a0ea67d9
6bfe87828e11c5cb1f39732b3df0aa91b7313fbb9a39737e33fa5def9126e526
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f60027a52f7b89756668bbd4ecfbf1eff6c9cad7128674aac9a83a9e1572bb2
810ea31eeeab58f92b62d1f6f0e0758c035a86b9090bd3f8311b41e320827a1c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
96a0ec4c1087b4969c0acacbf4b88a81fc55d173dc898396341fff651b1803db
997eec71eae0660bc6573df9db625845ef96c2fd6c48a26a98d5f76d80f1bf1a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a8cf5ff523a987b9fd065c8272104bf7c1b36d1dd5825ff1a105f93982b53be3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9b41bbb484aeedab598c24291942c8c2d0af98bdba3b430bf8fcd2cb709198a
bc36f104dddc05eadedda4274ff6effceed5d4aea9c9dd79fdd11cec39fa6c64
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c7bc61e9f825611a167d9b21b74b328c584a927dfe9c78210427f72f3c34fb4f
cf37d2687ee009f918cec9ef91f4817e8a05de46ca47dbfb01478a96ee3cc300
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d34d6db965fce3768a5d98606ef759b4d9d6b8157d60922c3ee6c6ceb9c7ec28
d5e2bb535ad59d697157aa17a14eb0b3a135f6f00d1a703b4025e9e1ebd8b6e5
d712d3d5f8acd4fe9fed3c25a0224545c379a5e555ad493ea4849209de92148a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629