urlscan.io logo urlscan.io
SecurityTrails logo

heavy.com Open in urlscan Pro
192.0.66.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://heavy.com/
Effective URL: https://heavy.com/
Submission: On October 19 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 88 IPs in 8 countries across 80 domains to perform 284 HTTP transactions. The main IP is 192.0.66.32, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is heavy.com. The Cisco Umbrella rank of the primary domain is 56297.
TLS certificate: Issued by Network Solutions OV Server CA 2 on January 10th 2022. Valid for: a year.
This is the only time heavy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23 192.0.66.32 2635 (AUTOMATTIC)
1 2a04:4e42:c00... 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
9 13.35.93.23 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
3 2607:f8b0:400... 15169 (GOOGLE)
3 143.204.150.76 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 108.138.128.58 16509 (AMAZON-02)
1 2600:9000:220... 16509 (AMAZON-02)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 5 18.164.96.90 16509 (AMAZON-02)
1 151.101.129.194 54113 (FASTLY)
2 74.119.119.139 19750 (AS-CRITEO)
1 3 141.95.98.65 16276 (OVH)
1 34.120.155.137 396982 (GOOGLE-CL...)
14 15 52.223.40.198 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 108.138.124.226 16509 (AMAZON-02)
3 3.230.217.116 14618 (AMAZON-AES)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
10 54.210.32.188 14618 (AMAZON-AES)
1 23.195.101.76 16625 (AKAMAI-AS)
1 104.18.18.126 13335 (CLOUDFLAR...)
1 52.200.148.159 14618 (AMAZON-AES)
1 2620:100:a001... 19750 (AS-CRITEO)
1 34.237.68.65 14618 (AMAZON-AES)
1 4 35.244.159.8 15169 (GOOGLE)
6 52.4.33.45 14618 (AMAZON-AES)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 2602:803:c002... 26667 (RUBICONPR...)
7 9 68.67.160.26 29990 (ASN-APPNEX)
5 54.198.133.215 14618 (AMAZON-AES)
1 199.250.166.129 26459 (TTD-ASN-01)
1 80.77.87.218 46636 (NATCOWEB)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 141.95.98.71 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
2 17 52.46.130.91 16509 (AMAZON-02)
11 12 35.211.178.172 19527 (GOOGLE-2)
1 51.222.39.184 16276 (OVH)
2 18.214.180.95 14618 (AMAZON-AES)
3 5 104.18.19.126 13335 (CLOUDFLAR...)
4 9 54.198.189.0 14618 (AMAZON-AES)
3 23.64.60.212 16625 (AKAMAI-AS)
1 3.212.154.204 14618 (AMAZON-AES)
3 11 104.105.42.146 16625 (AKAMAI-AS)
2 2 52.45.33.138 14618 (AMAZON-AES)
5 12 52.223.22.214 16509 (AMAZON-02)
10 13 69.173.151.100 26667 (RUBICONPR...)
4 5 151.101.194.49 54113 (FASTLY)
4 5 2600:1f18:4e9... 14618 (AMAZON-AES)
13 29 142.251.32.98 15169 (GOOGLE)
1 34.98.64.218 396982 (GOOGLE-CL...)
2 2 68.67.160.132 29990 (ASN-APPNEX)
2 36 52.207.45.55 14618 (AMAZON-AES)
6 8 70.42.32.191 13789 (INTERNAP-...)
2 2 207.198.113.88 13768 (COGECO-PEER1)
2 2 50.16.70.211 14618 (AMAZON-AES)
2 2 34.196.85.232 14618 (AMAZON-AES)
2 2 129.159.70.95 31898 (ORACLE-BM...)
1 2 169.197.150.8 398989 (DEEPINTENT)
8 8 70.42.32.255 22075 (AS-OUTBRAIN)
4 4 173.223.57.84 16625 (AKAMAI-AS)
2 2 3.225.64.41 14618 (AMAZON-AES)
6 6 199.127.204.171 26120 (RHYTHMONE)
1 1 198.148.27.139 19189 (PULSEPOINT)
2 2 199.187.193.197 47043 (SMARTADSE...)
4 4 74.121.140.14 30419 (MEDIAMATH...)
3 3 18.214.193.123 14618 (AMAZON-AES)
3 3 124.146.215.43 2514 (INFOSPHER...)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
2 2 35.207.24.140 15169 (GOOGLE)
1 5 52.203.204.136 14618 (AMAZON-AES)
1 1 51.68.39.188 16276 (OVH)
2 10 192.40.39.223 27381 (CASALE-MEDIA)
8 8 2606:ae80:147... 26762 (CNVR-US-EAST)
2 2 54.208.230.249 14618 (AMAZON-AES)
1 2 34.215.0.93 16509 (AMAZON-02)
2 2 34.133.71.175 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
2 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 104.18.98.194 13335 (CLOUDFLAR...)
2 2 54.156.230.254 14618 (AMAZON-AES)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 52.94.220.185 16509 (AMAZON-02)
8 8 67.202.105.22 32748 (STEADFAST)
1 2 67.202.105.32 32748 (STEADFAST)
2 2 54.156.200.49 14618 (AMAZON-AES)
6 34.117.239.71 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 3.226.61.126 14618 (AMAZON-AES)
1 1 104.45.178.220 8075 (MICROSOFT...)
2 2 23.92.190.68 32475 (SINGLEHOP...)
2 2 20.127.253.7 8075 (MICROSOFT...)
3 2600:9000:251... 16509 (AMAZON-02)
2 2600:1f13:800... 16509 (AMAZON-02)
1 1 198.24.170.51 19437 (SS-ASH)
1 13.35.93.28 16509 (AMAZON-02)
1 54.144.112.47 14618 (AMAZON-AES)
1 35.241.45.217 15169 (GOOGLE)
1 34.102.243.38 396982 (GOOGLE-CL...)
1 52.85.61.12 16509 (AMAZON-02)
2 107.178.246.49 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.101.194.207 54113 (FASTLY)
1 188.40.92.96 24940 (HETZNER-AS)
1 151.101.130.207 54113 (FASTLY)
284 88
23    192.0.66.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
heavy.com
1    2a04:4e42:c00::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
2    2607:f8b0:4006:817::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    13.35.93.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-23.jfk50.r.cloudfront.net
ads.adthrive.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2607:f8b0:4004:c1b::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2607:f8b0:4006:822::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
3    143.204.150.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-150-76.ewr52.r.cloudfront.net
c.amazon-adsystem.com
4    2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    108.138.128.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-58.jfk50.r.cloudfront.net
logger.adthrive.com
1    2600:9000:2209:4e00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
5    18.164.96.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net
sb.scorecardresearch.com
1    151.101.129.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
3    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
15    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    108.138.124.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-124-226.jfk50.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
3    3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
2    2606:4700:20::ac43:45f7 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
10    54.210.32.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-32-188.compute-1.amazonaws.com
prebid-server.rubiconproject.com
1    23.195.101.76 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-101-76.deploy.static.akamaitechnologies.com
a.teads.tv
1    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    52.200.148.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-148-159.compute-1.amazonaws.com
krk.kargo.com
1    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
1    34.237.68.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-68-65.compute-1.amazonaws.com
tlx.3lift.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
cafemedia-d.openx.net
u.openx.net
us-u.openx.net
6    52.4.33.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-33-45.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
c2shb.pubgw.yahoo.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2602:803:c002:200::41 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
9    68.67.160.26 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
5    54.198.133.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-133-215.compute-1.amazonaws.com
btlr.sharethrough.com
1    199.250.166.129 (United States)

ASN26459 (TTD-ASN-01, US)
direct.adsrvr.org
1    80.77.87.218 (Clifton, United States)

ASN46636 (NATCOWEB, US)
colossusssp.com
1    2606:4700::6812:116b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    141.95.98.71 (France)

ASN16276 (OVH, FR)
PTR: ns3216577.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    2001:41d0:701:1000::96f (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
17    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
12    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    51.222.39.184 (Canada)

ASN16276 (OVH, FR)
PTR: ip184.ip-51-222-39.net
onetag-sys.com
2    18.214.180.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-180-95.compute-1.amazonaws.com
rtb.gumgum.com
5    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
9    54.198.189.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-189-0.compute-1.amazonaws.com
match.sharethrough.com
3    23.64.60.212 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-60-212.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    3.212.154.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-154-204.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
11    104.105.42.146 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-42-146.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
2    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
12    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
13    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-us-east.rubiconproject.com
token.rubiconproject.com
5    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    2600:1f18:4e9:5a01:9805:2364:1f96:8667 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
29    142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
cm.g.doubleclick.net
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    68.67.160.132 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
36    52.207.45.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-45-55.compute-1.amazonaws.com
usersync.gumgum.com
8    70.42.32.191 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    207.198.113.88 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    50.16.70.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-70-211.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    34.196.85.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-85-232.compute-1.amazonaws.com
sync.ipredictive.com
2    129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
8    70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
4    173.223.57.84 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-84.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    3.225.64.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-64-41.compute-1.amazonaws.com
ad.360yield.com
6    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    199.187.193.197 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
4    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    18.214.193.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-193-123.compute-1.amazonaws.com
cs.emxdgt.com
3    124.146.215.43 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
5    52.203.204.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-204-136.compute-1.amazonaws.com
ads.yieldmo.com
1    51.68.39.188 (France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
10    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
dsum.casalemedia.com
8    2606:ae80:1471:17::1050 (United States)

ASN26762 (CNVR-US-EAST, US)
casale-match.dotomi.com
33across-match.dotomi.com
dclk-match.dotomi.com
prebid-match.dotomi.com
2    54.208.230.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-230-249.compute-1.amazonaws.com
pm.w55c.net
2    34.215.0.93 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-0-93.us-west-2.compute.amazonaws.com
dpm.demdex.net
2    34.133.71.175 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.71.133.34.bc.googleusercontent.com
um.simpli.fi
1    2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.com
10    2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
9    2607:f8b0:4006:81e::2001 (United States)

ASN15169 (GOOGLE, US)
abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
tpc.googlesyndication.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.98.194 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    54.156.230.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-230-254.compute-1.amazonaws.com
ads.creative-serving.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
8    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
2    54.156.200.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-200-49.compute-1.amazonaws.com
t.pswec.com
6    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
2    2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4006:807::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    3.226.61.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-61-126.compute-1.amazonaws.com
fw.adsafeprotected.com
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
2    23.92.190.68 (Katy, United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
3    2600:9000:2510:3200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    2600:1f13:800:7781:43d8:4a1:2a71:94 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
1    198.24.170.51 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
1    13.35.93.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-28.jfk50.r.cloudfront.net
ats.rlcdn.com
1    54.144.112.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-112-47.compute-1.amazonaws.com
mid.rkdms.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
1    34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com
pandg.tapad.com
1    52.85.61.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-12.ewr53.r.cloudfront.net
geo.privacymanager.io
2    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
3    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    151.101.194.207 (United States)

ASN54113 (FASTLY, US)
sdk.mrf.io
1    188.40.92.96 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy01.cl03.k8s.mrf.io
events.newsroom.bi
1    151.101.130.207 (United States)

ASN54113 (FASTLY, US)
flowcards.mrf.io
Apex Domain
Subdomains		 Transfer
38 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1123
usersync.gumgum.com — Cisco Umbrella Rank: 2144
12 KB
36 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
190 KB
35 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1042
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
eus.rubiconproject.com — Cisco Umbrella Rank: 596
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 929
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 852
token.rubiconproject.com — Cisco Umbrella Rank: 682
59 KB
23 heavy.com
heavy.com — Cisco Umbrella Rank: 56297
198 KB
22 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 313
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 534
s.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1205
61 KB
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
105 KB
16 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 519
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
dsum.casalemedia.com — Cisco Umbrella Rank: 1311
13 KB
16 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 895
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1155
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426
6 KB
16 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
direct.adsrvr.org — Cisco Umbrella Rank: 6109
insight.adsrvr.org — Cisco Umbrella Rank: 632
9 KB
14 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 972
events-ssc.33across.com — Cisco Umbrella Rank: 2246
5 KB
14 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 998
match.sharethrough.com — Cisco Umbrella Rank: 554
4 KB
13 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 585
eb2.3lift.com — Cisco Umbrella Rank: 373
6 KB
12 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 303
5 KB
12 adthrive.com
ads.adthrive.com — Cisco Umbrella Rank: 5229
logger.adthrive.com — Cisco Umbrella Rank: 5670
276 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
secure.adnxs.com — Cisco Umbrella Rank: 438
10 KB
8 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2662
33across-match.dotomi.com — Cisco Umbrella Rank: 3401
dclk-match.dotomi.com — Cisco Umbrella Rank: 2865
prebid-match.dotomi.com — Cisco Umbrella Rank: 2235
3 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 560
5 KB
8 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 832
3 KB
7 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 794
static.adsafeprotected.com — Cisco Umbrella Rank: 594
dt.adsafeprotected.com — Cisco Umbrella Rank: 546
107 KB
6 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5478
ads.yieldmo.com — Cisco Umbrella Rank: 660
3 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 578
1 KB
5 openx.net
cafemedia-d.openx.net — Cisco Umbrella Rank: 6221
u.openx.net — Cisco Umbrella Rank: 664
us-u.openx.net — Cisco Umbrella Rank: 409
2 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
5 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 425
mug.criteo.com — Cisco Umbrella Rank: 2786
bidder.criteo.com — Cisco Umbrella Rank: 763
2 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
2 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 543
3 KB
4 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 504
3 KB
4 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 470
ads.pubmatic.com — Cisco Umbrella Rank: 495
18 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 471
cdn.id5-sync.com — Cisco Umbrella Rank: 1193
20 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 78
2 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3463
onesignal.com — Cisco Umbrella Rank: 1191
73 KB
3 tapad.com
pandg.tapad.com — Cisco Umbrella Rank: 1763
pixel.tapad.com — Cisco Umbrella Rank: 456
2 KB
3 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3667
sync.inmobi.com — Cisco Umbrella Rank: 2083
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
1 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 657
961 B
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1201
3 KB
3 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1055
589 B
2 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 15351
flowcards.mrf.io — Cisco Umbrella Rank: 15800
24 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
1 KB
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 3096
1 KB
2 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1517
hde.tynt.com — Cisco Umbrella Rank: 5085
3 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4112
1 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 499
478 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 841
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 214
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 765
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 923
820 B
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 863
456 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1094
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 681
622 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 891
550 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1204
1 KB
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 934
930 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 723
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 602
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1358
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1440
547 B
2 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3417
collector.brandmetrics.com Failed
17 KB
2 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 825
ats.rlcdn.com — Cisco Umbrella Rank: 1421
36 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
203 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
111 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2622
pixel.wp.com — Cisco Umbrella Rank: 2521
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
1 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 12270
910 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1492
597 B
1 pghub.io
pghub.io — Cisco Umbrella Rank: 1685
4 KB
1 rkdms.com
mid.rkdms.com — Cisco Umbrella Rank: 950
455 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 4332
611 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
47 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
667 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3041
521 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 538
664 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 777
1 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1515
61 KB
1 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1561
236 B
1 kargo.com
krk.kargo.com — Cisco Umbrella Rank: 2370
644 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1269
519 B
1 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1585
60 KB
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2507
7 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 801
2 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1404
418 B
284 80
Domain Requested by
36 usersync.gumgum.com 2 redirects rtb.gumgum.com
29 cm.g.doubleclick.net 13 redirects u.openx.net
rtb.gumgum.com
sync-amz.ads.yieldmo.com
eb2.3lift.com
s.amazon-adsystem.com
googleads.g.doubleclick.net
abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
23 heavy.com 1 redirects heavy.com
17 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
rtb.gumgum.com
match.sharethrough.com
sync-amz.ads.yieldmo.com
ssum-sec.casalemedia.com
eb2.3lift.com
14 match.adsrvr.org 13 redirects ads.adthrive.com
12 eb2.3lift.com 5 redirects ads.adthrive.com
eb2.3lift.com
12 x.bidswitch.net 11 redirects rtb.gumgum.com
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
10 prebid-server.rubiconproject.com ads.adthrive.com
eb2.3lift.com
hde.tynt.com
rtb.gumgum.com
9 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
9 ib.adnxs.com 7 redirects ads.adthrive.com
googleads.g.doubleclick.net
9 ads.adthrive.com heavy.com
ads.adthrive.com
8 ssc-cms.33across.com 8 redirects
8 b1sync.zemanta.com 8 redirects
8 sync.outbrain.com 6 redirects rtb.gumgum.com
8 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
hde.tynt.com
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
googleads.g.doubleclick.net
7 pixel.rubiconproject.com 4 redirects s.amazon-adsystem.com
6 events-ssc.33across.com hde.tynt.com
eus.rubiconproject.com
6 c2shb.pubgw.yahoo.com ads.adthrive.com
5 ads.yieldmo.com 1 redirects sync-amz.ads.yieldmo.com
5 pr-bh.ybp.yahoo.com 4 redirects u.openx.net
5 sync-tm.everesttech.net 4 redirects u.openx.net
5 ssum-sec.casalemedia.com 3 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
5 btlr.sharethrough.com ads.adthrive.com
5 sb.scorecardresearch.com 1 redirects ads.adthrive.com
heavy.com
4 token.rubiconproject.com 4 redirects
4 sync.mathtag.com 4 redirects
4 sync.1rx.io 4 redirects
4 stags.bluekai.com 4 redirects
4 securepubads.g.doubleclick.net ads.adthrive.com
securepubads.g.doubleclick.net
3 static.adsafeprotected.com abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
3 px.ads.linkedin.com 2 redirects s.amazon-adsystem.com
3 secure-assets.rubiconproject.com 3 redirects
3 creativecdn.com 3 redirects
3 tg.socdm.com 3 redirects
3 cs.emxdgt.com 3 redirects
3 us-u.openx.net 1 redirects u.openx.net
3 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
3 c2shb.ssp.yahoo.com ads.adthrive.com
3 id5-sync.com 1 redirects ads.adthrive.com
cdn.id5-sync.com
3 logger.adthrive.com ads.adthrive.com
3 c.amazon-adsystem.com ads.adthrive.com
c.amazon-adsystem.com
3 www.google.com heavy.com
tpc.googlesyndication.com
abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
2 cdn.onesignal.com heavy.com
cdn.onesignal.com
2 pixel.tapad.com pandg.tapad.com
2 dt.adsafeprotected.com abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
2 prebid-match.dotomi.com 2 redirects
2 sync.inmobi.com 2 redirects
2 ap.lijit.com 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 fw.adsafeprotected.com 1 redirects abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
2 googleads.g.doubleclick.net abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
heavy.com
2 33across-match.dotomi.com 2 redirects
2 t.pswec.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
2 um.simpli.fi 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 pm.w55c.net 2 redirects
2 casale-match.dotomi.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 ssbsync.smartadserver.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 ad.360yield.com 2 redirects
2 match.deepintent.com 1 redirects rtb.gumgum.com
2 sync.technoratimedia.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 secure.adnxs.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 rtb.gumgum.com s.amazon-adsystem.com
ads.adthrive.com
2 cdn.brandmetrics.com ads.adthrive.com
cdn.brandmetrics.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 www.facebook.com heavy.com
2 connect.facebook.net heavy.com
connect.facebook.net
2 www.google-analytics.com heavy.com
www.google-analytics.com
1 onesignal.com cdn.onesignal.com
1 flowcards.mrf.io
1 events.newsroom.bi sdk.mrf.io
1 sdk.mrf.io heavy.com
1 geo.privacymanager.io ats.rlcdn.com
1 pandg.tapad.com pghub.io
1 insight.adsrvr.org 1 redirects
1 pghub.io ads.adthrive.com
1 mid.rkdms.com ads.adthrive.com
1 ats.rlcdn.com ads.adthrive.com
1 server.cpmstar.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 www.googletagservices.com abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
1 hde.tynt.com ads.adthrive.com
1 de.tynt.com 1 redirects
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 c.bing.com eb2.3lift.com
1 adservice.google.com securepubads.g.doubleclick.net
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dsp.nrich.ai 1 redirects
1 bh.contextweb.com 1 redirects
1 u.openx.net s.amazon-adsystem.com
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 onetag-sys.com s.amazon-adsystem.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cdn.confiant-integrations.net confiant-integrations.global.ssl.fastly.net
1 colossusssp.com ads.adthrive.com
1 direct.adsrvr.org ads.adthrive.com
1 fastlane.rubiconproject.com ads.adthrive.com
1 hbopenbid.pubmatic.com ads.adthrive.com
1 cafemedia-d.openx.net ads.adthrive.com
1 tlx.3lift.com ads.adthrive.com
1 bidder.criteo.com ads.adthrive.com
1 krk.kargo.com ads.adthrive.com
1 htlb.casalemedia.com ads.adthrive.com
1 a.teads.tv ads.adthrive.com
1 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.id5-sync.com heavy.com
1 api.rlcdn.com ads.adthrive.com
1 confiant-integrations.global.ssl.fastly.net ads.adthrive.com
1 cdn.jwplayer.com ads.adthrive.com
1 unpkg.com ads.adthrive.com
1 pixel.wp.com heavy.com
1 stats.g.doubleclick.net www.google-analytics.com
1 stats.wp.com heavy.com
1 polyfill.io heavy.com
0 collector.brandmetrics.com Failed cdn.brandmetrics.com
284 130

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
flipboard.com
wpvip.com
Subject Issuer Validity Valid
*.heavy.com
Network Solutions OV Server CA 2		 2022-01-10 -
2023-02-10		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-08 -
2023-04-09		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.adthrive.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-11 -
2023-07-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-29 -
2022-10-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-01 -
2023-06-01		 a year crt.sh
jwplayer.com
Amazon		 2021-12-29 -
2023-01-25		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-04 -
2023-06-05		 a year crt.sh
*.id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.app.kargo.com
Amazon		 2022-01-06 -
2023-02-03		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.sharethrough.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-10 -
2023-08-11		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2021-11-07 -
2022-11-07		 a year crt.sh
*.confiant-integrations.net
E1		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.gumgum.com
Amazon		 2022-09-14 -
2023-10-11		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2022-04-25 -
2023-05-24		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon		 2022-02-09 -
2023-03-10		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
*.rkdms.com
Entrust Certification Authority - L1K		 2021-10-04 -
2022-10-30		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-02 -
2023-02-17		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
sdk.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-01-19 -
2023-02-20		 a year crt.sh
ssl03.cert.cl03.k8s.mrf.io
R3		 2022-10-04 -
2023-01-02		 3 months crt.sh
flowcards.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-01-19 -
2023-02-20		 a year crt.sh

This page contains 49 frames:

Primary Page: https://heavy.com/
Frame ID: 19589EDC1AB7D9A55B93CD020C4FB232
Requests: 113 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B66F70F856AD69456E7D9CCE8501F88D
Requests: 1 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/ac9686f/html/topics.html
Frame ID: 61B1C12058C177317C8D9B01D56AC183
Requests: 1 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/ac9686f/html/rnf.html
Frame ID: BA57DA49857A8399B0B5AF0C593CFFD4
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Frame ID: 8C8119A1F98961FD441F43B46D4EB6A3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 5186329520B4DB4CE7AF2E000BC082BF
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 2772D0399B51DF87D48741E20E6CB5C3
Requests: 16 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: F5044E10889A0DFD899E2A82C3BC655F
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: F9DCF9FD725BF1BE7DA0498EDAE1314E
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 9C1A8938D8C0AC3287A0D3BBDD42199C
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: D2FF2CE732CC6C759CEC9C157777611F
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: A9CD6902E6D5B4AB9FB411933415A656
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1fSHNTcUpSRTJ1S1diSnRYWEJkcDJ0QTczYXBzelp3dX5B
Frame ID: C556CA0F0093247A8224610FE02D27DE
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 9698EE7A892A78E086BB99F9DF875AA3
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=1459971591854656313&ex=appnexus.com
Frame ID: E13F27A7C60DA3A8F142C8CB53009C3E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1800898157156868043624
Frame ID: 29E54A010AC5D7E09F4EAC4E480B816D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=17336350-6799-4700-a300-f79b24069d01&gdpr=&gdpr_consent=
Frame ID: 73AB0B2B96DD2A7B24EEB6B9E0395624
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y1BnmQAAATVtmwAO&gdpr=&gdpr_consent=&_test=Y1BnmQAAATVtmwAO
Frame ID: 4584422243D2E31AE626909DE6C092EE
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jYWYxZTk3NS04ZGVjLTRkOWEtOWI5NS04N2YzNDI0NmM0ZGQ=&gdpr=&gdpr_consent=&google_tc=
Frame ID: FCC1D7BF4AD722EFAFD9B1A125393CB4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 50A22A515C40E9F1553C9193298EB373
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=ea221eaf-db5b-4d4d-a055-5e9c544a934a
Frame ID: B67B41BDA8FDDAC345EFF5814F8ECC63
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=1459971591854656313brt56781666213785614770af
Frame ID: 5320CCFD52AF799CE718536B89FBEE6C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y1BnmcCo8X0AAN.44fkAAAAA
Frame ID: E71A592E25630061E5515AAB6621D0B6
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y1BnmdhmOIisWEAbAzRkEAAA%26043
Frame ID: 550C98A2D68BE172181CB50EE5C84B7E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=RIOIcuz9a1eWW20AaWR0&pi=gumgum&tc=1
Frame ID: 93C9469A37CE038A3FEDC642B1B83150
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 90C099F13203814687F99026788C2933
Requests: 3 HTTP requests in this frame

Frame: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 60FF3A9F0144BF7EAF606B5FA7FAE7AF
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID
Frame ID: 73C1BD26D1718C358A09181473D7B07C
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0BF0B9F5EDD52B5984B78A1DC429AFFD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 644B1BA5D3A8FC21B4133F53F5BDFF32
Requests: 2 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Frame ID: E3E5687639484668809C479AFA010558
Requests: 7 HTTP requests in this frame

Frame: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 139DC5315B7976B883066DA3CC943F52
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Frame ID: 4C5E9814B47F2FEAB9D72BCF12F1C264
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2aiAIQx_3gAhjUuuPKATAB&v=APEucNWhdjtDbTHvfbXOyexi0fW6Z0ik6Ga3awf_uKedROrIvYCnFC7Z467hTD61_q_loYS18EvXCxZwBFJGvrajUdZd7M5V3Q
Frame ID: C718BDA94126BF821122A5C4194E3788
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 009791E2F31829C9A0DDB16330618D16
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CB0A1966BE34EA2FA57BC3912BC2E882
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D33E7B662DDE311CA5C702C28C64168D
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Frame ID: 1D7431D06E33691338B33FFB44D4EB0F
Requests: 11 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=17336350-6799-4700-a300-f79b24069d01&gdpr=&gdpr_consent=
Frame ID: 31A08ED90F2B95661C4D144348E053BE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y1BnmQAAATVtmwAO&gdpr=&gdpr_consent=
Frame ID: 6EDD731E077F78D3090C2268E8180054
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jYWYxZTk3NS04ZGVjLTRkOWEtOWI5NS04N2YzNDI0NmM0ZGQ=&gdpr=&gdpr_consent=
Frame ID: 05B49D3518463B870675416B8A473ACA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 7F850073916523A9E299A2032967D514
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=ea221eaf-db5b-4d4d-a055-5e9c544a934a
Frame ID: C42C22DC66D7C82B89890727DEA344A0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=1459971591854656313brt56781666213785614770af
Frame ID: 4CED76A474856279C85BCDCB2C2CBE08
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y1Bnm8Co8X0AAN.44i0AAAAA
Frame ID: CB29344AF99380BDE632001DDCA14482
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y1BnmdhmOIisWEAbAzRkEAAA%26043
Frame ID: 2E9F7D26EF7C7E6B40B255ECEE9CDC64
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=RIOIcuz9a1eWW20AaWR0&pi=gumgum
Frame ID: A349747C11DD568091E65D4C8A3B50D0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 71B383126EBD3B0FBB598FCE0FCA51FB
Requests: 2 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Fheavy.com%2F&owner=P%26G&bp_id=cafemedia&initiator=js
Frame ID: 18A948E295190781609EEFAE5577A672
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Heavy.com | Sports, Entertainment, Breaking News & Shopping

Page URL History Show full URLs

  1. http://heavy.com/ HTTP 301
    https://heavy.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

284
Requests

69 %
HTTPS

24 %
IPv6

80
Domains

130
Subdomains

88
IPs

8
Countries

1543 kB
Transfer

4691 kB
Size

123
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://heavy.com/ HTTP 301
    https://heavy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fheavy.com%2F&domain=heavy.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=HTd_qHwwTHFvcGk4RHhKTlBiL2NJNS9GTW9EM1ZHT1BSMEhsaXpoUjFHRkwrMFJRNUtxUjNuSE9Hd2sxbU5oSzVjUzYwL01SeStpZ1hXS3RiS1J0N3EydEpRcGlhNVYybFJrUFhsb21DbXFKd2tMUUptWUN3OGExV0xyck56SW1uRGRHT21Idy9naTBZc1hxb2c3SEVlcFljZEFwY2JXSjY5ZFF4OXN3N0JhN29yTTRhSm1jalcyQURRZk1qN09ZS1hldDVhSXJTK2lZSEdnUDVyRXJHVEZpUEtLRllQdEVtTHJvUk9PS2tUQXBlVitJPXw&cppv=2
Request Chain 87
  • https://sb.scorecardresearch.com/b?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1666213784868&ns_c=UTF-8&c7=https%3A%2F%2Fheavy.com%2F&c8=Heavy.com%20%7C%20Sports%2C%20Entertainment%2C%20Breaking%20News%20%26%20Shopping&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1666213784868&ns_c=UTF-8&c7=https%3A%2F%2Fheavy.com%2F&c8=Heavy.com%20%7C%20Sports%2C%20Entertainment%2C%20Breaking%20News%20%26%20Shopping&c9=
Request Chain 93
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Request Chain 97
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
Request Chain 100
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 105
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1fSHNTcUpSRTJ1S1diSnRYWEJkcDJ0QTczYXBzelp3dX5B
Request Chain 107
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1459971591854656313&ex=appnexus.com
Request Chain 108
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1800898157156868043624
Request Chain 109
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=&gdpr_consent=&account=9262&us_privacy=1--- HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=9262&uid=L9G4O0W2-1F-G7NF&us_privacy=1---
Request Chain 111
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y1BnmQABozmFZQAT
Request Chain 113
  • https://match.adsrvr.org/track/cmf/openx?oxid=66682f7b-a47e-70b7-c469-6796b21fbd44&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=ea221eaf-db5b-4d4d-a055-5e9c544a934a&ttd_puid=66682f7b-a47e-70b7-c469-6796b21fbd44&gdpr=0&gdpr_consent=
Request Chain 114
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGEwN2ZjYjEtNmQwOS0yZTEzLWQxODktM2QyZjc4ZmQ3MzI0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGEwN2ZjYjEtNmQwOS0yZTEzLWQxODktM2QyZjc4ZmQ3MzI0&google_tc=
Request Chain 115
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKJ-td9VtNlKJ_4z6VoTHU4&google_cver=1
Request Chain 117
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1459971591854656313
Request Chain 119
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_caf1e975-8dec-4d9a-9b95-87f34246c4dd&obuid=ENC(-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3D-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3D-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=b3ce8c41-96a3-4d8a-9a24-33e480d4cbe8-63506799-5553&obUid=-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Request Chain 120
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=91558b0b-8c6b-48e1-a312-777b7a4fbc02
Request Chain 121
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-25cd64a8-b926-4813-645b-06246ff38a7a$ip$96.9.249.37
Request Chain 122
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-uQhU6NZE2pctje0GoGKLL.vimjTnJATJLFSb~A
Request Chain 123
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=00cbb128-5090-4476-ac80-689ec2a6de42
Request Chain 124
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=BAE55024BA764B8FA32FC61D7F5DADB1
Request Chain 126
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_caf1e975-8dec-4d9a-9b95-87f34246c4dd&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=xjULo2IyAEivT6_B8v6S&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHV4GUVKMN4ZES6KBIVUXMVBWL5BDQ5RWKM HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHV4GUVKMN4ZES6KBIVUXMVBWL5BDQ5RWKM HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=xjULo2IyAEivT6_B8v6S
Request Chain 127
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=bca6f3d6-3227-4fd1-ac52-27c252705d22
Request Chain 128
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1666213785676 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=234604614 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/ea221eaf-db5b-4d4d-a055-5e9c544a934a HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-42fe4f10-96f3-4e8e-8927-d871d62890c3-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-42fe4f10-96f3-4e8e-8927-d871d62890c3-005 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-42fe4f10-96f3-4e8e-8927-d871d62890c3-005
Request Chain 129
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=UQLtaa4RhPRA&ev=1&pid=558355
Request Chain 130
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=2139460615108408755
Request Chain 133
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=QU-QUaoE3OumbmkcRxSQ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DCNDGHBRTKZJSMEZTIYTBGU2CM43POVZGGZK7OVZWK4S7NFSD2UKVFVIVKYLPIUZU65LNMJWWWY2SPBJVC&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DCNDGHBRTKZJSMEZTIYTBGU2CM43POVZGGZK7OVZWK4S7NFSD2UKVFVIVKYLPIUZU65LNMJWWWY2SPBJVC HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=QU-QUaoE3OumbmkcRxSQ
Request Chain 134
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&gdpr=0&gdpr_consent=
Request Chain 135
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&gdpr=0&gdpr_consent=
Request Chain 136
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=15 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-d32b6063-2ce6-4894-7061-58faa596c68c$ip$96.9.249.37
Request Chain 137
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=17336350-6799-4700-a300-f79b24069d01&gdpr=&gdpr_consent=
Request Chain 138
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=Y1BnmQAAATVtmwAO HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y1BnmQAAATVtmwAO&gdpr=&gdpr_consent=&_test=Y1BnmQAAATVtmwAO
Request Chain 139
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jYWYxZTk3NS04ZGVjLTRkOWEtOWI5NS04N2YzNDI0NmM0ZGQ=&gdpr=&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jYWYxZTk3NS04ZGVjLTRkOWEtOWI5NS04N2YzNDI0NmM0ZGQ=&gdpr=&gdpr_consent=&google_tc=
Request Chain 141
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=ea221eaf-db5b-4d4d-a055-5e9c544a934a
Request Chain 142
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=1459971591854656313&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=1459971591854656313brt56781666213785614770af
Request Chain 143
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y1BnmcCo8X0AAN.44fkAAAAA
Request Chain 144
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y1BnmdhmOIisWEAbAzRkEAAA%26043
Request Chain 145
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=RIOIcuz9a1eWW20AaWR0&pi=gumgum&tc=1
Request Chain 146
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 148
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=1143ebb9-27ee-49a7-bf6c-ab6a434450bd&gdpr=&gdpr_pd=&gdpr_consent=
Request Chain 149
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g5ff9137a71aab1064c5 HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=ea221eaf-db5b-4d4d-a055-5e9c544a934a
Request Chain 150
  • https://x.bidswitch.net/sync?ssp=yieldmo HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=yieldmo&bsw_custom_parameter=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=5ce5ed47-a050-4072-ba03-5e50c6e0d3c6&expires=1&user_group=5&ssp=yieldmo&bsw_param=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc HTTP 302
  • https://ads.yieldmo.com/sync?userid=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Request Chain 151
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=1459971591854656313&pn_id=an
Request Chain 153
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&expiration=1668805785&gdpr=0&gdpr_consent=
Request Chain 154
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1BnmdhmOIisWEAbAzRkEAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP_mRaoBz-xAnUx-vganWOg&google_cver=1
Request Chain 155
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1BnmdhmOIisWEAbAzRkEAAAACsAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJGEYB2QjgT4VjmdbjYu7M8&google_cver=1
Request Chain 157
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=218f306fa4a015ca&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAABzSqMRMPhIgN8IYQuAAAAAAA&expiration=1666300185&is_secure=true
Request Chain 158
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=aJ0rdWhn1OLgjT5
Request Chain 159
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1BnmdhmOIisWEAbAzRkEAAA%26043?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1BnmdhmOIisWEAbAzRkEAAA%26043
Request Chain 160
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2D25B5DE5A984F5495D4F999FC6708B9
Request Chain 167
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=L9G4O0W2-1F-G7NF HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=L9G4O0W2-1F-G7NF&ex=d-rubiconproject.com&status=ok
Request Chain 169
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=ea221eaf-db5b-4d4d-a055-5e9c544a934a&dongle=0cfd
Request Chain 170
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTgwMDg5ODE1NzE1Njg2ODA0MzYyNA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 171
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECWQB8qQH7ToTYqJwUefvpQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 172
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTgwMDg5ODE1NzE1Njg2ODA0MzYyNA%3D%3D
Request Chain 173
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1800898157156868043624&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1800898157156868043624&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e66c6cdd-5744-4a0b-a054-4f2f77bf6bbc&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e66c6cdd-5744-4a0b-a054-4f2f77bf6bbc&_noobservation=1&_expected_cookie=4ddd78d92026f6ba069aa6b066cd0f65
Request Chain 174
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1800898157156868043624&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=ea73ac56-671f-48a7-b0ee-846b9b6fd698&ssp=triplelift&expires=30&user_group=5&bsw_param=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 175
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1800898157156868043624?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-WI_5w1BE2oTnnBY7dvFpqD_d87IUmrFm5G4FHlAASQ--~A&dongle=0883
Request Chain 178
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=QU-QUaoE3OumbmkcRxSQ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KFKS2UKVMFXUKM2POVWWE3LLMNJHQU2R&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KFKS2UKVMFXUKM2POVWWE3LLMNJHQU2R HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=QU-QUaoE3OumbmkcRxSQ
Request Chain 181
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/BQZanTKepWlGnyvGQLrTgsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8788514985055424714
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHFwpWDSixq5O4t78b1PBRg&google_cver=1
Request Chain 184
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHNE8wVzItMUYtRzdORg==
Request Chain 185
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTE5NTExYWI0NDJkZTRlYzdjMDNiMGFjNDNiZTU3N2NiOWMwZmI2YQ
Request Chain 186
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=gm0Hsk47QmOtMQ_UnwPwoQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=gm0Hsk47QmOtMQ_UnwPwoQ
Request Chain 187
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ea221eaf-db5b-4d4d-a055-5e9c544a934a&gdpr=0&gdpr_consent=&expires=30
Request Chain 188
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9G4O0W2-1F-G7NF
Request Chain 191
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L9G4O0W2-1F-G7NF HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L9G4O0W2-1F-G7NF
Request Chain 195
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-42fe4f10-96f3-4e8e-8927-d871d62890c3-005?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3DRX-42fe4f10-96f3-4e8e-8927-d871d62890c3-005 HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=RX-42fe4f10-96f3-4e8e-8927-d871d62890c3-005
Request Chain 196
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Request Chain 198
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1--- HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Request Chain 199
  • https://ssc-cms.33across.com/ps/?_=1666213786507.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=b&uid=117941801089978
Request Chain 200
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1--- HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=the33across&bsw_user_id=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=the33across&bsw_user_id=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=4fac9b1d-0694-4b39-9fc9-ee84ada974d9&expires=3&user_group=1&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 201
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1666213786507.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=1&external_user_id=17336350-6799-4700-a300-f79b24069d01
Request Chain 202
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-ZZHNX4xE2uEpsgRN5ORqRPFM51WyUo.G~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-ZZHNX4xE2uEpsgRN5ORqRPFM51WyUo.G%7EA&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 203
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=57b393ae16d104d0&is_secure=true&networkId=78390&version=1&us_privacy=1--- HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAABtbfiBXwwigMLoX_MAAAAAAA&expiration=1666300186&is_secure=true&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABtbfiBXwwigMLoX_MAAAAAAA&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 204
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=1800898157156868043624 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1800898157156868043624&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 214
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1---&us_privacy=1---&khaos=L9G4O0W2-1F-G7NF HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L9G4O0W2-1F-G7NF&us_privacy=1--- HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L9G4O0W2-1F-G7NF&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP_mRaoBz-xAnUx-vganWOg&google_cver=1
Request Chain 217
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1BnmdhmOIisWEAbAzRkEAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP_mRaoBz-xAnUx-vganWOg&google_cver=1
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI3rlx-ExOq9sa62czagc_I&google_cver=1
Request Chain 219
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ1OTk3MTU5MTg1NDY1NjMxMw%3D%3D
Request Chain 226
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGd_WRzcPiLEcbblsmZS1-I&google_cver=1&google_push=AZmPxg-xR-wxTk4R3KYHYq4EjbdsJ-hZCFBdHevA_H4FrqNiBH1eXG9JvHYsX_QbZGmasmVTDvjgt2BWddZEw0ophKk-nvB_7pU HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=365a91c0ba880512&is_secure=true&networkId=14000&version=1&google_gid=CAESEGd_WRzcPiLEcbblsmZS1-I&google_cver=1&google_push=AZmPxg-xR-wxTk4R3KYHYq4EjbdsJ-hZCFBdHevA_H4FrqNiBH1eXG9JvHYsX_QbZGmasmVTDvjgt2BWddZEw0ophKk-nvB_7pU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH2zcWGFPTewNJQiyvAAAAAAA&expiration=1666300186&google_cver=1&is_secure=true&google_gid=CAESEGd_WRzcPiLEcbblsmZS1-I&google_push=AZmPxg-xR-wxTk4R3KYHYq4EjbdsJ-hZCFBdHevA_H4FrqNiBH1eXG9JvHYsX_QbZGmasmVTDvjgt2BWddZEw0ophKk-nvB_7pU
Request Chain 227
  • https://um.simpli.fi/gp_match?google_gid=CAESEF80W_SzsGYQai8sDtLRVPc&google_cver=1&google_push=AZmPxg-RgtadWz7EuMxbJYANPYVMmzNSUluV6KO1ArQUjkmIs3eMkVdaNgeqNepK3B1y74IbEK8pP_YdMjkX_3Z1ylxJCVcQrkeW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2D25B5DE5A984F5495D4F999FC6708B9&google_push=AZmPxg-RgtadWz7EuMxbJYANPYVMmzNSUluV6KO1ArQUjkmIs3eMkVdaNgeqNepK3B1y74IbEK8pP_YdMjkX_3Z1ylxJCVcQrkeW
Request Chain 228
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEKAEX9kMzSJXjCBLMgw2jEQ&google_cver=1&google_push=AZmPxg-Or06yZsV4VIGcADr1SWlOwnXtQC1wikps13Z_AE1Q4a36eNCKhkV9ZQtoL_U64ql8jbSjct_H394TVfQCBrPVqdYjwZU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YmY5NmQzODAtYjRhMy00NzIxLWFhZDYtOWY2NzAyNzVhY2My&google_gid=CAESEKAEX9kMzSJXjCBLMgw2jEQ&google_cver=1&google_push=AZmPxg-Or06yZsV4VIGcADr1SWlOwnXtQC1wikps13Z_AE1Q4a36eNCKhkV9ZQtoL_U64ql8jbSjct_H394TVfQCBrPVqdYjwZU
Request Chain 229
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECvDKz-qm2UFYEJ735eUaK0&google_cver=1&google_push=AZmPxg93rYR-h1bob9r21FeoT0A09N-sv9EV2DKB-zhAE3EZwOBbRYCTW5PBXzSXVc5UsFFJOFZCrr0S0qEZnrq79x8lTGA1Xno HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHNE8wVzItMUYtRzdORg==&google_push=AZmPxg93rYR-h1bob9r21FeoT0A09N-sv9EV2DKB-zhAE3EZwOBbRYCTW5PBXzSXVc5UsFFJOFZCrr0S0qEZnrq79x8lTGA1Xno
Request Chain 230
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFJCK2wFQzWXDYHOtfjOgXM&google_cver=1&google_push=AZmPxg9awleunbOg5X2U93c3fwB5Br5OQ1qW69YmHANhNQLs4MMBGeI153GoIU3EwiQHGw5hoi4ORKtnVwVDhr2wYaDtZA0XN6w HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFJCK2wFQzWXDYHOtfjOgXM&google_cver=1&google_push=AZmPxg9awleunbOg5X2U93c3fwB5Br5OQ1qW69YmHANhNQLs4MMBGeI153GoIU3EwiQHGw5hoi4ORKtnVwVDhr2wYaDtZA0XN6w&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg9awleunbOg5X2U93c3fwB5Br5OQ1qW69YmHANhNQLs4MMBGeI153GoIU3EwiQHGw5hoi4ORKtnVwVDhr2wYaDtZA0XN6w&google_hm=Fgk1aGZHWRHO2AuZTuWwWMDu
Request Chain 231
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEH54mZWSlbGu24vdAE9-SC8&google_cver=1&google_push=AZmPxg-cwB4UIAQHlkz0UqIRepa2diNKRzkcnwyXjjVjIMEgV2062xj-PxFh9KonFWNAsBCERtOpGrwo8WFXN8Ffa7Ga1eKSBa5t HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg-cwB4UIAQHlkz0UqIRepa2diNKRzkcnwyXjjVjIMEgV2062xj-PxFh9KonFWNAsBCERtOpGrwo8WFXN8Ffa7Ga1eKSBa5t&google_hm=WTFCbm04Q284WW9BQUdHbXJwb0FBQUFB
Request Chain 232
  • https://sync.inmobi.com/gob?google_gid=CAESEPerFddnrwLPIgLoBMb6J74&google_cver=1&google_push=AZmPxg9wHygQzeQWquMi6T4fn4mLXTvIXjKMSiKfezD_OPkzJ5w7LFrvg9FlDPBDxV07Pr9a5IY6xuISbnye_kk4IeMHS3Mbt2I3 HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg9wHygQzeQWquMi6T4fn4mLXTvIXjKMSiKfezD_OPkzJ5w7LFrvg9FlDPBDxV07Pr9a5IY6xuISbnye_kk4IeMHS3Mbt2I3 HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMO6RwY0q-yhcBQJunpGoFJanOo8sueAbIzlmXeNA&google_push=AZmPxg9wHygQzeQWquMi6T4fn4mLXTvIXjKMSiKfezD_OPkzJ5w7LFrvg9FlDPBDxV07Pr9a5IY6xuISbnye_kk4IeMHS3Mbt2I3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=B0cxX9iTOZqbwzfQgK1x&google_push=AZmPxg9wHygQzeQWquMi6T4fn4mLXTvIXjKMSiKfezD_OPkzJ5w7LFrvg9FlDPBDxV07Pr9a5IY6xuISbnye_kk4IeMHS3Mbt2I3&google_nid=inmobi_new_eb
Request Chain 235
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=11d286929d880512&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3D HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=AAAHvbpHwVhjMgNEsdkXAAAAAAA&expiration=1666300187&is_secure=true
Request Chain 236
  • https://fw.adsafeprotected.com/rfw/servedby.flashtalking.com/849383/63209238/imp/3/174244;6481523;201;jsappend;DV360;WConvACQBPSUSEN2PD050122103122728x90NADInMarMSFTJDRTBDV360DV360100BPSDataPremiumACQ2334269725/?bidURL=https://heavy.com/&ftOBA=1&ft_domain=heavy.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fheavy.com%2F&us_privacy=${US_PRIVACY}&ft_custom=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIlZTQsEKoAsf94AKwAsbC6uADQAHSAioYASITCOXIxIaa7foCFXy60QQdXzwN6ygBMAE4-vWu2awQQAJIAViZgSAQ1LrjygHJy66rRYcnBUJlbmo4r3RW&cachebuster=918716.8748460382&adsafe_url=https%3A%2F%2Fheavy.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fheavy.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fabaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fabaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f1191fb3-63e4-99e7-cd60-4611dd1b8c32,c:rwGCwG,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-fdf6cbc97-jlrbx,rg:va,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:hp1.cXqRds1.CADgZf1.hClrsE1.oHpDvn1.jMNNAR1,mtim:3,mot:0,app:0,maw:0,fm:tkKjfit+11%7C12%7C13%7C14111%7C14112%7C14113%7C14114%7C14115%7C14116%7C14117%7C14118%7C14119%7C1411a%7C1412%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C141a%7C15%7C16%7C17%7C181%7C19*.849383-63209238%7C191%7C192%7C1931,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:22,oid:5c6a657f-4ff2-11ed-ac0c-166e2fc5c927,v:19.8.358,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/passback_728x90.js
Request Chain 242
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1459971591854656313
Request Chain 243
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_caf1e975-8dec-4d9a-9b95-87f34246c4dd&gdpr=&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dgumgum2%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=gumgum2&user_id=kN1oDJaNOqPZnMONWC070 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
Request Chain 244
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_caf1e975-8dec-4d9a-9b95-87f34246c4dd&obuid=ENC(-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=1459971591854656313&obUid=-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Request Chain 245
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-uQhU6NZE2pctje0GoGKLL.vimjTnJATJLFSb~A
Request Chain 246
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=00cbb128-5090-4476-ac80-689ec2a6de42
Request Chain 247
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=BAE55024BA764B8FA32FC61D7F5DADB1
Request Chain 248
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_1f970b81999a443689c4d
Request Chain 249
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_caf1e975-8dec-4d9a-9b95-87f34246c4dd&gdpr=&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=QU-QUaoE3OumbmkcRxSQ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVIVKLKRKVQW6RJTJ52W2YTNNNRVE6CTKETHK427OBZGS5TBMN4T2MJNFUWQ&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVIVKLKRKVQW6RJTJ52W2YTNNNRVE6CTKETHK427OBZGS5TBMN4T2MJNFUWQ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=QU-QUaoE3OumbmkcRxSQ&us_privacy=1---
Request Chain 250
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=2139460615108408755
Request Chain 252
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=17336350-6799-4700-a300-f79b24069d01&gdpr=&gdpr_consent=
Request Chain 253
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y1BnmQAAATVtmwAO&gdpr=&gdpr_consent=
Request Chain 256
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=ea221eaf-db5b-4d4d-a055-5e9c544a934a
Request Chain 257
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&i=1459971591854656313brt56781666213785614770af
Request Chain 258
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y1Bnm8Co8X0AAN.44i0AAAAA
Request Chain 259
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y1BnmdhmOIisWEAbAzRkEAAA%26043
Request Chain 260
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=RIOIcuz9a1eWW20AaWR0&pi=gumgum
Request Chain 261
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 266
  • https://insight.adsrvr.org/track/evnt/?adv=z127r4i&ct=0:p21aj7j&fmt=3 HTTP 302
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=ea221eaf-db5b-4d4d-a055-5e9c544a934a HTTP 302
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=1459971591854656313&ttd_tdid=ea221eaf-db5b-4d4d-a055-5e9c544a934a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZWEyMjFlYWYtZGI1Yi00ZDRkLWEwNTUtNWU5YzU0NGE5MzRh&gdpr=0&gdpr_consent=&ttd_tdid=ea221eaf-db5b-4d4d-a055-5e9c544a934a HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=ea221eaf-db5b-4d4d-a055-5e9c544a934a&google_gid=CAESEF61f4nSlnXaazsfzHQuCA8&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&expiration=1668805787&gdpr=0&gdpr_consent=
Request Chain 270
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1a24cd5f-6bb2-451c-ada6-91de6fb45f49&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&ttd_puid=1a24cd5f-6bb2-451c-ada6-91de6fb45f49
Request Chain 271
  • https://sync.mathtag.com/sync/img?mt_exid=10072&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3D2040%26partner_device_id%3D%5BMM_UUID%5D&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2040&partner_device_id=17336350-6799-4700-a300-f79b24069d01&gdpr=&gdpr_consent=
Request Chain 272
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&account=&f=i&uid=ga42885b583c005b4ae9&gdpr=&gdpr_consent=&us_privacy=1---
Request Chain 273
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc

284 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
heavy.com/
Redirect Chain
  • http://heavy.com/
  • https://heavy.com/
197 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
9fa580b17b1b5d515855eb42e63a72162de659faec5478e2604e6e326d154d67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=300, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 19 Oct 2022 21:09:43 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://heavy.com/wp-json/>; rel="https://api.w.org/"
server
nginx
vary
Accept-Encoding
x-cache
miss
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-rq
ewr4 0 2 9980

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Wed, 19 Oct 2022 21:09:42 GMT
Location
https://heavy.com/
Server
nginx
poppins-v5-latin-ext_latin-700.woff2
heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/poppins-v5-latin-ext_latin-700.woff2
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f5decc210dbe7320771b5ddf86e95be8c6d74d09ac53ab756d4bebcca49c5d3f

Request headers

Referer
https://heavy.com/
Origin
https://heavy.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:43 GMT
content-encoding
gzip
age
144
x-cache
hit
content-length
10527
x-rq
ewr4 0 2 9980
last-modified
Mon, 03 Oct 2022 11:31:49 GMT
server
nginx
etag
W/"633ac825-2908"
vary
X-Mobile-Class
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 21:09:43 GMT
poppins-v5-latin-ext_latin-regular.woff2
heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/poppins-v5-latin-ext_latin-regular.woff2
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
091bb0de0a818620d0fa529df0edee88a5ac2244b5396edbac0a527035cf4af7

Request headers

Referer
https://heavy.com/
Origin
https://heavy.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:43 GMT
content-encoding
gzip
age
144
x-cache
hit
content-length
10487
x-rq
ewr4 0 2 9980
last-modified
Mon, 03 Oct 2022 11:31:49 GMT
server
nginx
etag
W/"633ac825-28e0"
vary
X-Mobile-Class
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 21:09:43 GMT
pt-serif-v9-latin-ext_latin-regular.woff2
heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/pt-serif-v9-latin-ext_latin-regular.woff2
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1060ed99e26a253331d797ce0353b9aa7ffc012b7cf80da7bacf43749c06114e

Request headers

Referer
https://heavy.com/
Origin
https://heavy.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:43 GMT
content-encoding
gzip
age
144
x-cache
hit
content-length
42401
x-rq
ewr4 0 2 9980
last-modified
Mon, 03 Oct 2022 11:31:49 GMT
server
nginx
etag
W/"633ac825-a580"
vary
X-Mobile-Class
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 21:09:43 GMT
pt-serif-v9-latin-ext_latin-italic.woff2
heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/fonts/pt-serif-v9-latin-ext_latin-italic.woff2
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b1d24638581b5833b799ae0f4eac192daf1f2530fb04670f7f2ea467b2ee3a3c

Request headers

Referer
https://heavy.com/
Origin
https://heavy.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:43 GMT
content-encoding
gzip
age
144
x-cache
hit
content-length
44969
x-rq
ewr4 0 2 9980
last-modified
Mon, 03 Oct 2022 11:31:49 GMT
server
nginx
etag
W/"633ac825-af88"
vary
X-Mobile-Class
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 21:09:43 GMT
print.css
heavy.com/wp-content/themes/heavy/assets/dist/css/ 		699 B
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/css/print.css?ver=1664796709
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b925b10658e33e914afb403288724c44a82441e1bba11b3112c9e4e560dfe378

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:43 GMT
x-rq
ewr4 0 2 9980
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 11:31:49 GMT
server
nginx
age
18942
etag
W/"633ac825-2bb"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
381
expires
Thu, 19 Oct 2023 21:09:43 GMT
polyfill.min.js
polyfill.io/v3/ 		101 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=default%2CArray.prototype.find%2CIntersectionObserver%2CIntersectionObserverEntry%2CPromise%2Cfetch%2CElement.prototype.closest
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:c00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
content-encoding
br
last-modified
Wed, 19 Oct 2022 13:32:57 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/106.0.0
server-timing
cache-chc950029, PASS, fastly;desc="Edge time";dur=7
accept-ranges
bytes
content-length
94
iolazy.min.js
heavy.com/wp-content/themes/heavy/assets/dist/vendor/iolazy/ 		2 KB
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/iolazy/iolazy.min.js?ver=1664796709
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3bef51fe56f26bd5e2c23de215cc8b5bfe8bdbe752ac0dff1263f3bf38b5c8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:43 GMT
x-rq
ewr4 0 2 9980
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 11:31:49 GMT
server
nginx
age
18942
etag
W/"633ac825-768"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
782
expires
Thu, 19 Oct 2023 21:09:43 GMT
main.js
heavy.com/wp-content/themes/heavy/assets/dist/js/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/js/main.js?ver=1664796709
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b5433eeebbe87298dd41c3eca9803ce5bfab705966253c106a2ac9ed36a58f20

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:43 GMT
x-rq
ewr4 0 2 9980
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 11:31:49 GMT
server
nginx
age
18942
etag
W/"633ac825-8bc7"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9740
expires
Thu, 19 Oct 2023 21:09:43 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 20:34:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2085
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 19 Oct 2022 22:34:58 GMT
ads.min.js
ads.adthrive.com/sites/5ad7479721520f50ab7da88e/ 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/5ad7479721520f50ab7da88e/ads.min.js?referrer=https%3A%2F%2Fheavy.com%2F&cb=34
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
2146416c1ea5e784140a54cf8f6f00e6ab60c9d59b3efb6d51b36313243b6f06

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

adthrive-bucket
flex-31
date
Wed, 19 Oct 2022 18:06:29 GMT
content-encoding
gzip
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
adthrive-deployment
2022-10-19-5:adm-388:pr2787:ac9686f
x-amz-cf-pop
JFK50-P8
age
10994
adthrive-commit
ac9686f
x-cache
Hit from cloudfront
content-length
17984
adthrive-gdpr
false
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=86400
x-amz-cf-id
1NpIEV_fitdiHHNdSTfh-ZxBNbByB2xEdx4WaF0paVplossp3PW_jQ==
ga.min.js
heavy.com/wp-content/themes/heavy/plugins/google-analytics/ 		997 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/plugins/google-analytics/ga.min.js?ver=1664796709
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7333edde984060621b99cc524b9bfc8fe8600f55312edc14037b5b3218231533

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:43 GMT
x-rq
ewr4 0 2 9980
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 11:31:49 GMT
server
nginx
age
18942
etag
W/"633ac825-3e5"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
464
expires
Thu, 19 Oct 2023 21:09:43 GMT
script-queue.js
heavy.com/wp-content/plugins/xcurrent/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/plugins/xcurrent/assets/js/script-queue.js?ver=e90bcdcbd6fe210440daf8a58f98568b
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ad17821181398ca3b1c0456f9c52690e37d09e2b187809fc9b2e35516de64ee2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:43 GMT
x-rq
ewr4 0 2 9980
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 11:31:49 GMT
server
nginx
age
18942
etag
W/"633ac825-941"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1101
expires
Thu, 19 Oct 2023 21:09:43 GMT
e-202242.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202242.js
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-nc
HIT ewr
date
Wed, 19 Oct 2022 21:09:43 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 09 Oct 2023 00:47:39 GMT
fbevents.js
connect.facebook.net/en_US/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
510d71bfae8484c59b9b3bd6064b3edd0348bb79b3b448bc1093bc7a73265b6a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 19 Oct 2022 21:09:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27029
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
QxQ+SKWyEC62dnxIE4UeXm+4HVUouMAm/dnuMCewDX01t4Qmp5Im2HPwjFhGAiQFhcO4cxWBLDXL1Jp2aYzcvg==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1796467786&t=pageview&_s=1&dl=https%3A%2F%2Fheavy.com%2F&ul=en-us&de=UTF-8&dt=Heavy.com%20%7C%20Sports%2C%20Entertainment%2C%20Breaking%20News%20%26%20Shopping&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1308632775&gjid=1798984859&cid=75630370.1666213783&tid=UA-1995064-1&_gid=1255926373.1666213783&_r=1&_slc=1&z=2057638884
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heavy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
1420352291757138
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1420352291757138?v=2.9.86&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2118a97d515d94445093d07725c38222fb6a823a5f0ffdeb37568a7d65647977
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 19 Oct 2022 21:09:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
85971
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Kc38vLO7kpIlB0qngxO02OG4Jz0BoooXH+o0fpeWLx0gs2S6c55dCrdIql0mzNzz8qUbTrmhSSn/znu8THtbbw==
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-1995064-1&cid=75630370.1666213783&jid=1308632775&gjid=1798984859&_gid=1255926373.1666213783&_u=IEBAAEAAAAAAACAAI~&z=497949297
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 19 Oct 2022 21:09:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heavy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1420352291757138&ev=PageView&dl=https%3A%2F%2Fheavy.com%2F&rl=&if=false&ts=1666213783527&sw=1600&sh=1200&v=2.9.86&r=stable&ec=0&o=30&fbp=fb.1.1666213783526.537427514&it=1666213783445&coo=false&rqm=GET
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 19 Oct 2022 21:09:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
marmalade
ads.adthrive.com/api/v1/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/api/v1/marmalade?siteid=5ad7479721520f50ab7da88e&url=https%3A%2F%2Fheavy.com%2F&experiments=rubiconFloors,recencyFrequency
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ad7479721520f50ab7da88e/ads.min.js?referrer=https%3A%2F%2Fheavy.com%2F&cb=34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
/
Resource Hash
de82caf93cf293710b43fee96f99cc6bb2a66f8c93d3ae3a530e0ba00faf026a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 12:08:56 GMT
content-encoding
br
via
1.1 0a4f6965adeb6ede9b7ffa17215c0b16.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
32447
x-amzn-requestid
61522679-838f-4099-aac9-c10ea65cca38
x-cache
Hit from cloudfront
x-amz-apigw-id
aQFRxE49oAMFokg=
adthrive-is-chrome
1
adthrive-is-ios
0
x-amzn-trace-id
Root=1-634fe8d7-70d98a7a7252e6c455d51719;Sampled=0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-amz-cf-id
a8e-Z8kR_DcWXUWuTd5lKTL4FpyATMGlwjOff2S1W8E338Qx6N4pnw==
heavy.com
ads.adthrive.com/api/v2/host/floors/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/api/v2/host/floors/heavy.com
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ad7479721520f50ab7da88e/ads.min.js?referrer=https%3A%2F%2Fheavy.com%2F&cb=34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
/
Resource Hash
619c40ca3297c3bed75866bd61b577fbeceac800ff86556f05760e83309235d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:40:24 GMT
content-encoding
br
via
1.1 0a4f6965adeb6ede9b7ffa17215c0b16.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
1759
x-amzn-trace-id
Root=1-635060b8-089b65b349980a681b04cdd3;Sampled=0
x-amzn-requestid
6c43c9c9-dd97-42bd-a02f-6ca6568ebbc0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
aRQMzHreoAMFraA=
x-amz-cf-id
9o2YZyvzWrkB7dsvHa0gvukDWiVYvu2BjSfBtKnztIOUUwoU6pAGzA==
adthrive.min.js
ads.adthrive.com/builds/core/ac9686f/es2018/js/ 		505 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ad7479721520f50ab7da88e/ads.min.js?referrer=https%3A%2F%2Fheavy.com%2F&cb=34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
b5b1e5f3454453b4697ff1c67b3051926563753be0e557b566e0e604e94af595

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:42:54 GMT
content-encoding
gzip
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P8
age
1609
etag
"ca64342211eaf006504ee0085bf9a8c0"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600, s-maxage=86400
content-length
123344
x-amz-cf-id
Ujs7LRQyviq6LctjKPrNmKuUxHPjb-l-sNbz_0qu2s2OkjQoR1gSQw==
5ad7479721520f50ab7da88e.js
ads.adthrive.com/builds/customizations/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/customizations/5ad7479721520f50ab7da88e.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/5ad7479721520f50ab7da88e/ads.min.js?referrer=https%3A%2F%2Fheavy.com%2F&cb=34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68b4e928d35befc2c54b63d898331d6af0a864e70dada9fcb79bd23d88d54e31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:22:50 GMT
x-amz-version-id
R6.x_1MUp98dHwcLqpsJ_JOIF1qYoWwE
content-encoding
br
last-modified
Wed, 19 Oct 2022 17:28:39 GMT
server
AmazonS3
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
etag
W/"a8ac411c74b35fd89984e694dc3342d8"
age
2814
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
MsoZxfIbULVJghQ-KccTD4T2jG0d5uXRaOF5I0fFYGaGILfXR_jmtg==
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-1995064-1&cid=75630370.1666213783&jid=1308632775&_u=IEBAAEAAAAAAACAAI~&z=399755458
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame B66F 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://heavy.com
Referer
https://heavy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://heavy.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 21:09:44 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
g.gif
pixel.wp.com/ 		50 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A11.2&blog=176147951&post=0&tz=-4&srv=heavy.com&hp=vip&host=heavy.com&ref=&fcp=470&rand=0.28164129254898285
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 19 Oct 2022 21:09:44 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
Collage-Maker-18-Oct-2022-06.05-PM.jpg
heavy.com/wp-content/uploads/2022/10/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavy.com/wp-content/uploads/2022/10/Collage-Maker-18-Oct-2022-06.05-PM.jpg?quality=15&strip=all&w=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
db28b35578071bfd6be7583beded20e2e9c4c56a394c1c9237d3bcc4e70f500c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
x-rq
ewr4 98 228 443
last-modified
Wed, 19 Oct 2022 13:41:32 GMT
server
nginx
etag
"f65ffde5cc60fbf5"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5606
expires
Thu, 19 Oct 2023 13:41:32 GMT
GettyImages-1434582460-e1666167325546.jpg
heavy.com/wp-content/uploads/2022/10/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavy.com/wp-content/uploads/2022/10/GettyImages-1434582460-e1666167325546.jpg?quality=15&strip=all&w=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
983fc3a563c000d9b42e112815d5559cbbb45c4c45f1ef03edfa2daf8f32049c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
x-rq
ewr4 98 226 443
last-modified
Wed, 19 Oct 2022 13:41:32 GMT
server
nginx
etag
"c8721aa77f8cdc8a"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2242
expires
Thu, 19 Oct 2023 13:41:32 GMT
refurbished-macbooks.jpg
heavy.com/wp-content/uploads/2022/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavy.com/wp-content/uploads/2022/09/refurbished-macbooks.jpg?quality=15&strip=all&w=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ce574b78b60a047df07cb9fc0b2a1326bd5d831cb8a05fd658a43016ee70a4b8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
x-rq
ewr4 103 21 443
last-modified
Thu, 29 Sep 2022 19:10:10 GMT
server
nginx
etag
"7745d2f4d136b8c0"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1902
expires
Fri, 29 Sep 2023 19:10:10 GMT
GettyImages-1370947304-e1664851982666.jpg
heavy.com/wp-content/uploads/2022/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavy.com/wp-content/uploads/2022/10/GettyImages-1370947304-e1664851982666.jpg?quality=15&strip=all&w=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ae061140fed7f469604fa7ba47042fc348baec086b8e22fbadcb92d82305d33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
x-rq
ewr4 98 226 443
last-modified
Wed, 19 Oct 2022 07:33:18 GMT
server
nginx
etag
"b84cd81a5ea4bb72"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2942
expires
Thu, 19 Oct 2023 07:33:18 GMT
165303_3810_7da59178-e1666051577128.jpeg
heavy.com/wp-content/uploads/2022/10/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavy.com/wp-content/uploads/2022/10/165303_3810_7da59178-e1666051577128.jpeg?quality=15&strip=all&w=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bce478f69d1366e94a46d9407ee97da73a27111f3127030d41ce124c800e4c0d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
x-rq
ewr4 98 226 443
last-modified
Wed, 19 Oct 2022 13:41:32 GMT
server
nginx
etag
"3bbc216aed9760ae"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4820
expires
Thu, 19 Oct 2023 13:41:32 GMT
GettyImages-1434302788-e1666137635877.jpg
heavy.com/wp-content/uploads/2022/10/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavy.com/wp-content/uploads/2022/10/GettyImages-1434302788-e1666137635877.jpg?quality=15&strip=all&w=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
aa01171bec4fe6a08a5c6d8ced9e0093ddb763b5aeaf8cf202acd7892211ddbd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
x-rq
ewr4 101 125 443
last-modified
Wed, 19 Oct 2022 12:44:56 GMT
server
nginx
etag
"7ef71ed713b50fd9"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4426
expires
Thu, 19 Oct 2023 12:44:56 GMT
Aubree-e1666033349613.jpg
heavy.com/wp-content/uploads/2022/10/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavy.com/wp-content/uploads/2022/10/Aubree-e1666033349613.jpg?quality=15&strip=all&w=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef2bf0f1fc66bdda6c9edd60769b86328eb8f0a9f2261476045c69daf9f07106

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
x-rq
ewr4 101 150 443
last-modified
Tue, 18 Oct 2022 02:34:10 GMT
server
nginx
etag
"7679e8059b099f28"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1634
expires
Wed, 18 Oct 2023 02:34:10 GMT
GettyImages-1433960229-1-e1666125913319.jpg
heavy.com/wp-content/uploads/2022/10/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavy.com/wp-content/uploads/2022/10/GettyImages-1433960229-1-e1666125913319.jpg?quality=15&strip=all&w=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
479e7ff4daf8ced21a9a69044f78bf8d11359b3932d32f4aaabbc5fd7cb5d7a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
x-rq
ewr4 101 225 443
last-modified
Wed, 19 Oct 2022 07:33:18 GMT
server
nginx
etag
"f56296864f9cf194"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5434
expires
Thu, 19 Oct 2023 07:33:18 GMT
Collage-Maker-17-Oct-2022-11.19-AM.jpg
heavy.com/wp-content/uploads/2022/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavy.com/wp-content/uploads/2022/10/Collage-Maker-17-Oct-2022-11.19-AM.jpg?quality=15&strip=all&w=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b3026cdc731c2f4f317e651a53d5175b0bcb2fd8a1575ac8fd94ba917aab1e1c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
x-rq
ewr4 102 93 443
last-modified
Wed, 19 Oct 2022 13:41:33 GMT
server
nginx
etag
"db82e8fcaca601a6"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2724
expires
Thu, 19 Oct 2023 13:41:33 GMT
GettyImages-1434587590-e1666155781483.jpg
heavy.com/wp-content/uploads/2022/10/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heavy.com/wp-content/uploads/2022/10/GettyImages-1434587590-e1666155781483.jpg?quality=15&strip=all&w=320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8b169cb62cbe298dfbbf836cd03e928f34a30053f01c036a2c8cbf119ed7bb2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
x-rq
ewr4 98 226 443
last-modified
Wed, 19 Oct 2022 13:41:32 GMT
server
nginx
etag
"9e9f2cf7e14e7175"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5216
expires
Thu, 19 Oct 2023 13:41:32 GMT
topics.html
ads.adthrive.com/builds/core/ac9686f/html/ Frame 61B1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/ac9686f/html/topics.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d5eacfbef6e883869dcd7bed5e4891901909e463e88fca88ce67e9c90018666f

Request headers

Referer
https://heavy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
1609
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Wed, 19 Oct 2022 20:42:55 GMT
etag
W/"1661ff0474b820ed2e9fbc7cd72a6c9a"
last-modified
Wed, 19 Oct 2022 15:58:48 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
x-amz-cf-id
UTAgcHd-KFk0V-6Gwhc6qKbTCXB1GNqanLjnjigU2k0ixOKxlm5aqw==
x-amz-cf-pop
JFK50-P8
x-amz-version-id
pDeE.RnMS0uy0Tk2KDs.6KqAVQFHd1JJ
x-cache
Hit from cloudfront
prebid.min.js
ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/ 		476 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
705b01b585308c46090f947bbaf36dbd27ed0800b4da4e7863b4a45f7dbc380a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:42:55 GMT
content-encoding
br
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
x-amz-version-id
MOIGwMhDCJdnK0MSr61qhCzYwU.e_Okg
last-modified
Wed, 19 Oct 2022 15:53:52 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
1610
etag
W/"db4a56b119be929cfa779f900d687cec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
ND1Ym1UbIZPV6twDSCisW8FST0hBSJZcUbYO9VF4HCmtA8KeXgPAyQ==
apstag.js
c.amazon-adsystem.com/aax2/ 		176 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e23aa41677b6c7479e9f2a46fb0e8a85c5ece6c088bb9fa8938fe970fc8493ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:42:10 GMT
content-encoding
gzip
via
1.1 dbb909966903df95f63a00d4241f7b7c.cloudfront.net (CloudFront), 1.1 72e01c53ea1f597217a963cf6671454c.cloudfront.net (CloudFront)
last-modified
Thu, 06 Oct 2022 22:15:21 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, EWR52-C2
age
1655
x-amz-server-side-encryption
AES256
etag
W/"4c87a00941c1aa3dcbab77fc8dc08ec0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
J1_VuTSc0aWYTK0-3Wp-oNGy8IlawKzOYPzz1qXG8HZpStWsL0jOlg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfc7722a72d56fdae4cccb6ced0f04e9d884f5ef459d270dd5b89b942364e84b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27631
x-xss-protection
0
server
sffe
etag
"1369 / 665 of 1000 / last-modified: 1666192912"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Oct 2022 21:09:44 GMT
web-vitals.umd.js
unpkg.com/web-vitals@2.0.1/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@2.0.1/dist/web-vitals.umd.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd32ac808b323ce6c8560cba52ebba764864c69205de549821a41e1c21cbe51d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5017305
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GB3GDAZKF9VAS7AJN2T83WSH-lga
server
cloudflare
etag
W/"1220-Y/lmqcg3C3bYppxzEKe5wnkwNMc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75cc7f191934d153-BUF
rnf.html
ads.adthrive.com/builds/core/ac9686f/html/ Frame BA57 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/builds/core/ac9686f/html/rnf.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
251ddf39aca075825dd226e7e3c323e2dbc43fe7de945a57ff33851389a052a9

Request headers

Referer
https://heavy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
1610
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Wed, 19 Oct 2022 20:42:55 GMT
etag
W/"d2114a62059f6b543980ad0665b43dfc"
last-modified
Wed, 19 Oct 2022 15:58:48 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
x-amz-cf-id
qch9UvGcdt0sQAxHKF9htowbS7i-OS7HJuha2wn6atJC0djep9xYcQ==
x-amz-cf-pop
JFK50-P8
x-amz-version-id
G4cHR_WPKQCqy9CKPZXwBHkZln6PNnIN
x-cache
Hit from cloudfront
event
logger.adthrive.com/ 		21 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/event?siteId=5ad7479721520f50ab7da88e&siteName=Heavy&bucket=flex-31&branch=ac9686f&deployment=2022-10-19-5%3Aadm-388%3Apr2787%3Aac9686f&message=RecencyAndFrequncyIFrameManager%3A%3ArecencyFrequencyIframeAdded&pageurl=https%3A%2F%2Fheavy.com%2F&body=%5B%5D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-58.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 12:00:38 GMT
via
1.1 6d9771d39a0475d92b50bdd9caae11c2.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
32947
x-cache
Hit from cloudfront
content-length
21
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
kQjRE388pZClO4rI8cx_hExg08MWsPqwjeKvyYY2hYO7xqwD2OXFbA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 02:05:29 GMT
x-amz-version-id
YousslGi_alc9N7i1PBVBMNtdY1LkTzi
content-encoding
gzip
via
1.1 7969ab02c38bf363682fddd4258a6d30.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
age
68656
x-cache
Hit from cloudfront
last-modified
Thu, 06 Oct 2022 01:32:47 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
BFxZjwTM_AiVMgPG07FKnMfA-rBWpN_hE46dds1Nzvv_wmMAZ4-e8A==
pubads_impl_2022101301.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 16:12:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17828
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131264
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 15:30:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 19 Oct 2023 16:12:36 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		513 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=heavy.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac8f7d38342af4d3e7f30e15b43032bc93dc1a18e8d4a0b2f9c4b84aa28f4f2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
expires
Wed, 19 Oct 2022 21:09:44 GMT
event
logger.adthrive.com/ 		21 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/event?siteId=5ad7479721520f50ab7da88e&siteName=Heavy&bucket=flex-31&branch=ac9686f&deployment=2022-10-19-5%3Aadm-388%3Apr2787%3Aac9686f&message=Context%3A%3AsessionLogger&pageurl=https%3A%2F%2Fheavy.com%2F&body=%5B%7B%22gaCookie%22%3A%22GA1.2.75630370.1666213783%22%2C%22gidCookie%22%3A%22GA1.2.1255926373.1666213783%22%2C%22sessionId%22%3A%2201GFS19B1P4WHBPBQCM2Q2BXZ3%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36%22%7D%5D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-58.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 12:00:38 GMT
via
1.1 6d9771d39a0475d92b50bdd9caae11c2.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
32947
x-cache
Hit from cloudfront
content-length
21
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
3mZXjdOgDYgz6PuMhncWHZoLZIr5PnDDe8eA_ktMgQDuHCf-Dw9fSQ==
BEyTNfA8
cdn.jwplayer.com/v2/playlists/ 		40 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/playlists/BEyTNfA8
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:4e00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
aa250311ac3f44ddb5b321ac15af4aae4cdcb368a2dd8993c7273447f76438b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:08:45 GMT
content-encoding
gzip
via
1.1 45abe1833dce03139cbfcdfadefbc17a.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
age
59
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
content-length
6817
x-amz-cf-id
061LZVsqKcw0k0lCGp68xS6styf-W0oZaIxi06-0VNlI7HkjWDKVag==
expires
Wed, 19 Oct 2022 21:10:32
config
c.amazon-adsystem.com/cdn/prod/ 		385 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fheavy.com&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.150.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-150-76.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
a63506fb420990f57b718352691d603bd8c4574bd1182dd2f274fe276b83493d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 19:04:02 GMT
via
1.1 72e01c53ea1f597217a963cf6671454c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
age
7541
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://heavy.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
385
x-amz-cf-id
3E615RlAm0bsbEkJozDL0_HCpJdG_fSHxGnEB2ej6SHxNXNunp4BFg==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fheavy.com%2F&domain=heavy.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://heavy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://heavy.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 19 Oct 2022 21:09:44 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
461520
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-90.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 04:44:27 GMT
content-encoding
gzip
via
1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
59117
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
GbVgnSAbREziHUklgYNYkamyQDKSP0lAB219BzvVxSlC9Nti1mE6YQ==
config.js
confiant-integrations.global.ssl.fastly.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/ 		293 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8d3a20b185fec0c542f8699df01907baccbccad560b40035eca88ad623a17b8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 19 Oct 2022 21:09:44 GMT
Content-Encoding
gzip
Via
1.1 varnish
x-amz-request-id
0AZ5RY7MQ52YMKRD
Age
603
X-Cache
HIT
Connection
keep-alive
Content-Length
60667
x-amz-id-2
1EFK+lL6lL5es0w3xDovNNeUC3RBlpijKPf4qJTOEeh5+kDRsyBXxsncxVFfp0FMBfSaj7/OL2A=
X-Served-By
cache-ewr18125-EWR
Last-Modified
Wed, 19 Oct 2022 20:47:27 GMT
Server
AmazonS3
X-Timer
S1666213785.757276,VS0,VE0
ETag
"e29ae441fd1464a6f8e22e06169f568a"
Content-Type
text/javascript
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
X-Cache-Hits
312
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fheavy.com%2F&domain=heavy.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=HTd_qHwwTHFvcGk4RHhKTlBiL2NJNS9GTW9EM1ZHT1BSMEhsaXpoUjFHRkwrMFJRNUtxUjNuSE9Hd2sxbU5oSzVjUzYwL01SeStpZ1hXS3RiS1J0N3EydEpRcGlhNVYybFJrUFhsb21DbXFKd2tMUUptWUN3OGExV0xyck...
367 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HTd_qHwwTHFvcGk4RHhKTlBiL2NJNS9GTW9EM1ZHT1BSMEhsaXpoUjFHRkwrMFJRNUtxUjNuSE9Hd2sxbU5oSzVjUzYwL01SeStpZ1hXS3RiS1J0N3EydEpRcGlhNVYybFJrUFhsb21DbXFKd2tMUUptWUN3OGExV0xyck56SW1uRGRHT21Idy9naTBZc1hxb2c3SEVlcFljZEFwY2JXSjY5ZFF4OXN3N0JhN29yTTRhSm1jalcyQURRZk1qN09ZS1hldDVhSXJTK2lZSEdnUDVyRXJHVEZpUEtLRllQdEVtTHJvUk9PS2tUQXBlVitJPXw&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b6ace4c736647a27bfb8218cc3a7e0899ea4c1302790a9a3dbe743edd50d6e7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
971611
expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=HTd_qHwwTHFvcGk4RHhKTlBiL2NJNS9GTW9EM1ZHT1BSMEhsaXpoUjFHRkwrMFJRNUtxUjNuSE9Hd2sxbU5oSzVjUzYwL01SeStpZ1hXS3RiS1J0N3EydEpRcGlhNVYybFJrUFhsb21DbXFKd2tMUUptWUN3OGExV0xyck56SW1uRGRHT21Idy9naTBZc1hxb2c3SEVlcFljZEFwY2JXSjY5ZFF4OXN3N0JhN29yTTRhSm1jalcyQURRZk1qN09ZS1hldDVhSXJTK2lZSEdnUDVyRXJHVEZpUEtLRllQdEVtTHJvUk9PS2tUQXBlVitJPXw&cppv=2
access-control-allow-origin
https://heavy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
674774
content-length
0
expires
0
367.json
id5-sync.com/g/v2/ 		461 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/367.json
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
03672536e8893631903f7988e667cde3eabf4c7df9ce6c1db00f586192586a7a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://heavy.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
envelope
api.rlcdn.com/api/identity/ 		0
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=111
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://heavy.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/ 		109 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=iowij76&fmt=json
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
0d4c688c9b22447f92479b28e33e4db5e17f84bc4d34147e704dacb98f6a5947

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://heavy.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Fri, 18 Nov 2022 21:09:44 GMT
event
logger.adthrive.com/ 		21 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logger.adthrive.com/event?siteId=5ad7479721520f50ab7da88e&siteName=Heavy&bucket=flex-31&branch=ac9686f&deployment=2022-10-19-5%3Aadm-388%3Apr2787%3Aac9686f&message=VideoManagerComponent%3A%3AnoStickyPlaylistOrSekindo&pageurl=https%3A%2F%2Fheavy.com%2F&body=%5B%7B%22vendor%22%3A%22none%22%2C%22device%22%3A%22desktop%22%2C%22isDesktop%22%3A%22desktop%22%7D%2C%7B%22abgroup%22%3A%7B%22delload%22%3A%22on%22%2C%22deftimer2%22%3A%22200%22%2C%22amzn%22%3A%22on%22%2C%22wvtls%22%3A%22on%22%2C%22tpcapi%22%3A%22on%22%2C%22amzn_hold_load%22%3A%22off%22%2C%22flr%22%3A%22cm%22%2C%22lzflr%22%3A%2260%22%2C%22clsins_ss%22%3A%22true%22%2C%22ebho%22%3A%22verizon_ebda%22%2C%22loglevel%22%3A%22off%22%2C%22idho%22%3A%22off%22%2C%22lzhb%22%3A%22on%22%2C%22lzcvp%22%3A%222%22%2C%22lzbpvp%22%3A%220.25%22%2C%22tripleliftdr%22%3A%22both%22%2C%22magnitedr%22%3A%22both%22%2C%22pbs2s_appnexus%22%3A%22off%22%2C%22pbs2s_grid%22%3A%22on%22%2C%22pbs2s_gumgum%22%3A%22on%22%2C%22pbs2s_openx%22%3A%22off%22%2C%22adt%22%3A%221%22%2C%22ito_df%22%3A%222300%22%2C%223pho%22%3A%22none%22%2C%22vebho%22%3A%22spotx_ebda%22%2C%22cbt%22%3A%224s%22%2C%22vast_to%22%3A%2210s%22%2C%22proto%22%3A%22all%22%2C%22pbm%22%3A%22on%22%2C%22reqTo%22%3A%2215%22%2C%22vadv%22%3A%22on%22%2C%22smhd100%22%3A%22off%22%2C%22smad300%22%3A%22on%22%2C%22s2sbuff%22%3A%22off%22%2C%22coldr%22%3A%22both%22%2C%22rmos1%22%3A%22off%22%2C%22socon%22%3A%220%22%2C%22sab%22%3A%22on%22%2C%22dco%22%3A%22relaxed%22%2C%22mxrpog%22%3A%224%22%2C%22dajto%22%3A%22off%22%2C%22jwb%22%3A%22off%22%2C%22vpred_1%22%3A%2290%22%2C%22crtvmon%22%3A%22off%22%2C%22pba%22%3A%22none%22%2C%22amzn_hold_disp%22%3A%22on%22%2C%22bmetrics%22%3A%22on%22%2C%22confiant%22%3A%22prod%22%2C%22cnfep%22%3A%22off%22%2C%22refflr2%22%3A%221.1%22%2C%22refvidflr%22%3A%221%22%2C%22socbe%22%3A%22sovpct2%22%2C%22logcls%22%3A%22off%22%2C%22sidp%22%3A%22off%22%2C%22rebuildslot%22%3A%22on%22%2C%22upl%22%3A%22off%22%2C%22sekho%22%3A%22off%22%2C%22sospp%22%3A%22on%22%7D%2C%22sess%22%3A%2201GFS19B1P4WHBPBQCM2Q2BXZ3%22%2C%22pvk%22%3A%2201GFS19B1PVZCK1G2FHHYX9DJT%22%2C%22hbho%22%3A%5B%2233across%22%2C%22conversant%22%5D%2C%22vbho%22%3A%5B%22none%22%5D%2C%22lmdv%22%3A%221.11.0%22%7D%5D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-58.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 12:00:38 GMT
via
1.1 6d9771d39a0475d92b50bdd9caae11c2.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
32947
x-cache
Hit from cloudfront
content-length
21
last-modified
Thu, 12 Nov 2020 16:10:14 GMT
server
AmazonS3
etag
"711ef07ada64abbd94e9099392aa8d74"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
0wzCL0oKpL9ONx2x_3AiQHCHpO_dUbUZY43Hp5xHf94Ul7L5t-6vsg==
ads.min.css
ads.adthrive.com/sites/5ad7479721520f50ab7da88e/ 		646 B
596 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ads.adthrive.com/sites/5ad7479721520f50ab7da88e/ads.min.css
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
54eec0fb7f4cf3b9debe15f92879f1ec46d6226d33777b2e803ddcf9c8b7486f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 21:28:52 GMT
content-encoding
gzip
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P8
age
85252
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600, s-maxage=86400
content-length
295
x-amz-cf-id
1PS4AzHjoL2qa_7B_e_U62e9ocxLt6K2g9Gu8taLthgVVLI8kQHbGg==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 13:13:44 GMT
server
cloudflare
x-amz-request-id
ACE9M2H89XF1T5PG
age
2790
etag
W/"68154020ef14b5881614607902c7c21b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
75cc7f1adf2fe71c-EWR
x-amz-id-2
eA+ZkGBqy7wH1iNlB4yHdq0OxDUtF7XVkN1UV2TGHUIbUNpuJBvFdApUcZBhrol5U0IA+Kxs780=
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		222 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fheavy.com%2F&pid=MAYzBpPY1jJov&cb=0&ws=1600x1200&v=22.10.32118&t=2100&slots=%5B%7B%22sd%22%3A%22AdThrive_Footer_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x90%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F5ad7479721520f50ab7da88e%22%7D%5D&schain=1.0%2C1!cafemedia.com%2C5ad7479721520f50ab7da88e%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.124.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-124-226.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
74a480ae6dcd5484c3763a4102912a1bdd18264d12c147682d0cfdcb6f6118de
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:45 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 534f7e815b25f5cd40ef32ea39fc9a8c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
4N6XTQJ5KBBZZD13TV5J
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://heavy.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
222
x-amz-cf-id
r0_P3cLKPEHBNM5k6nozOUj3K2jv48NAwv6BvvwEsSND-C-pFT3obw==
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://heavy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://heavy.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 19 Oct 2022 21:09:44 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://heavy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://heavy.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 19 Oct 2022 21:09:44 GMT
server
ATS/9.1.10.25
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://heavy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://heavy.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 19 Oct 2022 21:09:44 GMT
server
ATS/9.1.10.25
cafemedia.js
cdn.brandmetrics.com/tag/aa466d868b2742ffa2cc31bb6341dc12/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/aa466d868b2742ffa2cc31bb6341dc12/cafemedia.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a1fb6db1c9f1590294cb8190cfa160f888dc1bbf486d0b1c34640606d190b0c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 19 Oct 2022 20:30:42 GMT
server
cloudflare
age
2342
cf-polished
origSize=4933
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OlYrgWaFpNy7UKWBhINJs11Zz9Y2vJ229HckaDTzs%2FAbF5QkH%2BQcINlfVEesZvJsenZopj9I997kOqzZqfaLcMYsOiDy%2BPVnyN74O9sNwvqsfUOBZmohrY7pwG9APtwsRl10q%2F0B2BPLyMZItN7Ghbf"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
75cc7f1bab98c47c-EWR
cookie_sync
prebid-server.rubiconproject.com/ 		3 KB
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.32.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-32-188.compute-1.amazonaws.com
Software
/
Resource Hash
ec6187aebd6309f176533129e9609ed8b0fa932529530dc164fafa5c3548b8ab

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://heavy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
624
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		288 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.32.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-32-188.compute-1.amazonaws.com
Software
/
Resource Hash
54a015fe4307f431cd520ad747b354e16fae9ed233929562ee269d9945fb65ca

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://heavy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
238
expires
0
bid-request
a.teads.tv/hb/ 		16 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.101.76 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-101-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:44 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://heavy.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 19 Oct 2022 21:09:44 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=185770&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22213fbd644ed5e82%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fheavy.com%2F%3F%23PD%3Anodesktop%23Source%3Adirect%23Browser%3AChrome%23Topic%3AEntertainment%23Topic%3ANews%23MCMP%3ABA_GAA2554%23MCMP%3ABA_GAM3554%23MCMP%3ABA_GAM2549%23MCMP%3AHOME%23MCMP%3AAO_SNDE%23MCMP%3ABA_CAMSF19%23MCMP%3Aiabc_483%23MCMP%3ABA_WSKW20%23Sens%3Aalc%23Sens%3Aast%23Sens%3Aconl%23Sens%3Acosm%23Sens%3Adat%23Sens%3Adrg%23Sens%3Agamc%23Sens%3Agamv%23Sens%3Apol%23Sens%3Arel%23Sens%3Asst%23Sens%3Assr%23Sens%3Asrh%23Sens%3Awtl%23vp%3A0%23A2549_Phone_49%3ATrue%23A2554_Phone_58%3ATrue%23A3599_Desk_72%3ATrue%23A3599_Phone_72%3ATrue%23A4599_Desk_57%3ATrue%23AFOI_2020%3ATrue%23ALC_072019%3ATrue%23ATT_2020%3ATrue%23ATZN_2020%3ATrue%23C1_HV_Phone_T50%3ATrue%23C2_HV_Phone_T50%3ATrue%23EXCLAA_19%3ATrue%23MGBW_2021%3ATrue%23MIQWO_2022%3ATrue%23MSPWL_2021%3ATrue%23RDST_2020%3ATrue%23TYS_062019%3ATrue%23UNI_DSK_HV%3ATrue%23UNI_PHN_HV_C1%3ATrue%23UNI_PHN_HV_R1%3ATrue%23UNI_PHN_RHV%3ATrue%23UNI_TAB_HV%3ATrue%23UNI_TAB_HV_C1%3ATrue%23UNI_TAB_RHV%3ATrue%23VITFM_21%3ATrue%23XUNI_2020%3ATrue%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%22483%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.10.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fheavy.com%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A1%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F5ad7479721520f50ab7da88e%22%2C%22adunitcode%22%3A%22AdThrive_Footer_1_desktop%22%2C%22divId%22%3A%22AdThrive_Footer_1_desktop%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2222e279d2f22e8a2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22sid%22%3A%2212_1%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22sid%22%3A%2212_2%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22sid%22%3A%2212_3%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22sid%22%3A%2212_4%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22sid%22%3A%2212_5%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22sid%22%3A%22468x60%22%7D%7D%2C%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22185770%22%2C%22sid%22%3A%221x1%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F5ad7479721520f50ab7da88e%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F5ad7479721520f50ab7da88e%22%2C%22tid%22%3A%22d33e25bd-9113-43a1-a384-f5cf1fc3aa40%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%225ad7479721520f50ab7da88e%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b5c41022-0df9-4f40-9ebf-af7ed6388eb9%22%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ea221eaf-db5b-4d4d-a055-5e9c544a934a%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3254ca993472637dac775943b9c1b5d80e9ccd8fb53dbd7917f9330cd9eabee9

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FswJR0DX2w4Uvf4rxFfxJn6H%2Bzno8GSV1VqY5BHlpEQ96s9uiuLBoYzF1Ae9e%2FUby0MV%2FWfYxYEZSKayOd9tXE4YhT7TMpnX2ustwrbGdIsY5PUXxy4qqHS1iPpgQeo%2BADpzV4jc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://heavy.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75cc7f1bcf3e8cd4-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bid
krk.kargo.com/api/v2/ 		2 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%220d01f81d-ddbb-4f0d-a153-dbcbba972166%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2300%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1666213784832%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%2228fa4f876b29c89%22%3A%22_lP4vuVhICu%22%7D%2C%22bidSizes%22%3A%7B%2228fa4f876b29c89%22%3A%5B%5B728%2C90%5D%2C%5B320%2C50%5D%2C%5B970%2C90%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B1%2C1%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_lP4vuVhICu%22%7D%2C%22userId%22%3A%7B%22pubcid%22%3A%22b5c41022-0df9-4f40-9ebf-af7ed6388eb9%22%2C%22tdid%22%3A%22ea221eaf-db5b-4d4d-a055-5e9c544a934a%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b5c41022-0df9-4f40-9ebf-af7ed6388eb9%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ea221eaf-db5b-4d4d-a055-5e9c544a934a%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22pos%22%3A%22atf%22%2C%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F5ad7479721520f50ab7da88e%22%7D%2C%22pbadslot%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F5ad7479721520f50ab7da88e%22%7D%2C%22tid%22%3A%22d33e25bd-9113-43a1-a384-f5cf1fc3aa40%22%2C%22gpid%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F5ad7479721520f50ab7da88e%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B320%2C50%5D%2C%5B970%2C90%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B1%2C1%5D%5D%2C%22pos%22%3A1%7D%7D%2C%22adUnitCode%22%3A%22AdThrive_Footer_1_desktop%22%2C%22transactionId%22%3A%22d33e25bd-9113-43a1-a384-f5cf1fc3aa40%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B320%2C50%5D%2C%5B970%2C90%5D%2C%5B300%2C50%5D%2C%5B320%2C100%5D%2C%5B468%2C60%5D%2C%5B1%2C1%5D%5D%2C%22bidId%22%3A%2228fa4f876b29c89%22%2C%22bidderRequestId%22%3A%22279bda320ac38f9%22%2C%22auctionId%22%3A%22889150ef-621b-4eba-976c-911d2cce3315%22%2C%22src%22%3A%22client%22%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22cafemedia.com%22%2C%22segment%22%3A%5B%7B%22id%22%3A%22483%22%7D%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22cafemedia.com%22%2C%22sid%22%3A%225ad7479721520f50ab7da88e%22%2C%22hp%22%3A1%7D%5D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%2C%22tdID%22%3A%22ea221eaf-db5b-4d4d-a055-5e9c544a934a%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fheavy.com%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.148.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-148-159.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://heavy.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cdb
bidder.criteo.com/ 		18 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.10.0&cb=6957016271&lsavail=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://heavy.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
tlx.3lift.com/header/ 		19 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.10.0&referrer=https%3A%2F%2Fheavy.com%2F&tmax=2300&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.68.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-68-65.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:44 GMT
accept-ch
sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://heavy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
arj
cafemedia-d.openx.net/w/1.0/ 		189 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cafemedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fheavy.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d33e25bd-9113-43a1-a384-f5cf1fc3aa40&nocache=1666213784841&scsm=cafemedia.com%2F6%3A483&us_privacy=1---&pubcid=b5c41022-0df9-4f40-9ebf-af7ed6388eb9&ttduuid=ea221eaf-db5b-4d4d-a055-5e9c544a934a&schain=1.0%2C1!cafemedia.com%2C5ad7479721520f50ab7da88e%2C1%2C%2C%2C&aus=728x90%2C320x50%2C970x90%2C300x50%2C320x100%2C468x60%2C1x1&divids=AdThrive_Footer_1_desktop&aucs=%252F18190176%252FAdThrive_Footer_1%252F5ad7479721520f50ab7da88e&auid=538699840&tps=c2Vucz1hbGMsYXN0LGNvbmwsY29zbSxkYXQsZHJnLGdhbWMsZ2Ftdixwb2wscmVsLHNzdCxzc3Isc3JoLHd0bCZidWNrZXQ9ZmxleC0zMSZoaV9hdT0%3D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9417661914e9d33525836ceac4c9eb9f81948c5a16d4d55c0e86f0b8d84ce982

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://heavy.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a9694d00177771bcae21c6a7d880025&cmd=bid&sens=alc%2Cast%2Cconl%2Ccosm%2Cdat%2Cdrg%2Cgamc%2Cgamv%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cwtl&eidadserver.org=ea221eaf-db5b-4d4d-a055-5e9c544a934a&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e56db6b7fa490d3078cea54cfe40f884dfd64b7125a4eb9cd65fb8bb2a20721f

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Oct 2022 21:09:45 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://heavy.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a969d580177771bc13c2046cd280081&cmd=bid&sens=alc%2Cast%2Cconl%2Ccosm%2Cdat%2Cdrg%2Cgamc%2Cgamv%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cwtl&eidadserver.org=ea221eaf-db5b-4d4d-a055-5e9c544a934a&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5045c41147a4d02e26beb4535147fdb27145a9166fbbdaf3a39e50020f0ffcea

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Oct 2022 21:09:45 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://heavy.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694d00177771bcae21c6941d30023&pos=8a9694d00177771bcae2204408520056&cmd=bid&sens=alc%2Cast%2Cconl%2Ccosm%2Cdat%2Cdrg%2Cgamc%2Cgamv%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cwtl&eidadserver.org=ea221eaf-db5b-4d4d-a055-5e9c544a934a&secure=1&us_privacy=1---
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9000729b9cef1f0e62982b419d5bb57affb8be19701f7d2fa85be49f1d98691f

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Oct 2022 21:09:45 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://heavy.com
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://heavy.com
date
Wed, 19 Oct 2022 21:09:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		968 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=9262&site_id=180726&zone_id=881416&size_id=2&alt_size_ids=1%2C43%2C44%2C55%2C117%2C221&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!cafemedia.com,5ad7479721520f50ab7da88e,1,,,&eid_pubcid.org=b5c41022-0df9-4f40-9ebf-af7ed6388eb9%5E1&tpid_tdid=ea221eaf-db5b-4d4d-a055-5e9c544a934a&eid_adserver.org=ea221eaf-db5b-4d4d-a055-5e9c544a934a&rf=https%3A%2F%2Fheavy.com%2F&tg_i.iab=483&tg_i.site_code=A2549_Phone_49%2CA2554_Phone_58%2CA3599_Desk_72%2CA3599_Phone_72%2CA4599_Desk_57%2CAFOI_2020%2CALC_072019%2CATT_2020%2CATZN_2020%2CC1_HV_Phone_T50%2CC2_HV_Phone_T50%2CEXCLAA_19%2CMGBW_2021%2CMIQWO_2022%2CMSPWL_2021%2CRDST_2020%2CTYS_062019%2CUNI_DSK_HV%2CUNI_PHN_HV_C1%2CUNI_PHN_HV_R1%2CUNI_PHN_RHV%2CUNI_TAB_HV%2CUNI_TAB_HV_C1%2CUNI_TAB_RHV%2CVITFM_21%2CXUNI_2020&tg_i.site_id=5ad7479721520f50ab7da88e&tg_i.sens=alc%2Cast%2Cconl%2Ccosm%2Cdat%2Cdrg%2Cgamc%2Cgamv%2Cpol%2Crel%2Csst%2Cssr%2Csrh%2Cwtl&tg_i.verticals=Entertainment%2CNews&tg_i.pmp_elig=false&tg_i.mcmp=BA_GAA2554%2CBA_GAM3554%2CBA_GAM2549%2CHOME%2CAO_SNDE%2CBA_CAMSF19%2Ciabc_483%2CBA_WSKW20&tg_i.refresh=false&tg_i.vp=0&tg_i.pos=atf&tg_i.pbadslot=%2F18190176%2FAdThrive_Footer_1%2F5ad7479721520f50ab7da88e&tk_flint=pbjs_lite_v7.10.0&x_source.tid=d33e25bd-9113-43a1-a384-f5cf1fc3aa40&l_pb_bid_id=421c90f1077f375&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F18190176%2FAdThrive_Footer_1%2F5ad7479721520f50ab7da88e&slots=1&rand=0.6890057052725129
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::41 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7ef646adbcf11434b3f392a6de8556f9eb287e5b026a1f99411866b4a0c4068e

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://heavy.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
9338811f5878eaeb6e9bf7dbb327c984b5b859050cb177aeb06a4ded7b447b0b

Request headers

Referer
https://heavy.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 19 Oct 2022 21:09:45 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://heavy.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
fa7abe88a18c99f411aa68d77605dd5d9939eba47e80733b0044f933077b8304

Request headers

Referer
https://heavy.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 19 Oct 2022 21:09:45 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://heavy.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
bcf58d343292ea3fac8a48eab8e22c02c6ffb7edf1e341b5428874084acd701c

Request headers

Referer
https://heavy.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 19 Oct 2022 21:09:45 GMT
server
ATS/9.1.10.25
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://heavy.com
access-control-allow-credentials
true
content-length
66
prebid
ib.adnxs.com/ut/v3/ 		19 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:44 GMT
AN-X-Request-Uuid
82d57a31-7d19-4449-b346-c745600232eb
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://heavy.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
96.9.249.37; 96.9.249.37; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.198.133.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-133-215.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://heavy.com
date
Wed, 19 Oct 2022 21:09:44 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.198.133.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-133-215.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://heavy.com
date
Wed, 19 Oct 2022 21:09:44 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.198.133.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-133-215.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://heavy.com
date
Wed, 19 Oct 2022 21:09:44 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.198.133.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-133-215.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://heavy.com
date
Wed, 19 Oct 2022 21:09:44 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.198.133.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-133-215.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://heavy.com
date
Wed, 19 Oct 2022 21:09:44 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
cafemedia
direct.adsrvr.org/bid/bidder/ 		0
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/cafemedia
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.166.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://heavy.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
/
colossusssp.com/ 		2 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
80.77.87.218 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://heavy.com
Date
Wed, 19 Oct 2022 21:09:44 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1666213784868&ns_c=UTF-8&c7=https%3A%2F%2Fheavy.com%2F&c8=Heavy.com%20%7C%20Sports%2C%20Entertainment%2C%20Breakin...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1666213784868&ns_c=UTF-8&c7=https%3A%2F%2Fheavy.com%2F&c8=Heavy.com%20%7C%20Sports%2C%20Entertainment%2C%20Breaki...
0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1666213784868&ns_c=UTF-8&c7=https%3A%2F%2Fheavy.com%2F&c8=Heavy.com%20%7C%20Sports%2C%20Entertainment%2C%20Breaking%20News%20%26%20Shopping&c9=
Protocol
H2
Server
18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-90.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
via
1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
WViZKugOC-zE0bQFdikWY3sJhrphlQsrV_lFP7Mf5wwy6dT8WPigJg==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1666213784868&ns_c=UTF-8&c7=https%3A%2F%2Fheavy.com%2F&c8=Heavy.com%20%7C%20Sports%2C%20Entertainment%2C%20Breaking%20News%20%26%20Shopping&c9=
date
Wed, 19 Oct 2022 21:09:44 GMT
via
1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
content-length
0
x-amz-cf-id
QHbFoP7IVRugPIdXlsOXwKgfq5pJPwlqE-DCFnCkHGbRzXYqJdy1iQ==
x-cache
Miss from cloudfront
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202205091138/ 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202205091138/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
468718a583ec98edb242b85a424558fd63ceac3a8c1ff6a76bbf473b857481c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 May 2022 15:39:37 GMT
server
cloudflare
x-amz-request-id
8RXV7JZ48SBPM2YF
etag
W/"ecf02ff527b0ed563b40adaa835278b3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
75cc7f1bfabbd15b-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
5NIkFiIiIWdyiP8e110XoidnL2axBPIOvydVddWrGMUzLZ7CfnGCL6k65tXIk6dtst0FzqW6Hx2FCL4y1Q1LYw==
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
170ca1b9200f7226ee7386710f846087ce5b6011db9d85097bd7aa3295cfcfae

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://heavy.com
date
Wed, 19 Oct 2022 21:09:44 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		54 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
197e2aea0a1c22c6a7f6418257737a48d04df1bb5870c3464d0d28d070711550

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://heavy.com
date
Wed, 19 Oct 2022 21:09:45 GMT
content-length
54
vary
Origin
content-type
application/json
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=f9816ecc-b51b-4747-bc3e-1ea86a0677a2&toploc=heavy.com
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/aa466d868b2742ffa2cc31bb6341dc12/cafemedia.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2471b1253309224104a4822e03018e84f06e960c30f28462ca550e44dfcba66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 19 Oct 2022 20:31:02 GMT
server
cloudflare
age
2322
cf-polished
origSize=47264
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhpSAUiJDQvwpO12RMdimdMqlGPXC5uKTNxCvnFvX8AJte8gI1T8ncwSZ796phB%2FKVWO3a4rzcLkzlNxaUVxmPsrenzEVmutFndUiWR8ZOOWcJ8bBdwU2EokMij9P%2BX0jm9VRTsfxgn%2F1nqmrSpdNCTw"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
75cc7f1bfc8fc47c-EWR
c.js
collector.brandmetrics.com/ 		0
0
iu3
s.amazon-adsystem.com/ Frame 8C81
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
351 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
770c11afd43a6700eec48b41040be9229f5653e51095a8fe3366301cadd6b087
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://heavy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
351
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 19 Oct 2022 21:09:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
75NYE5MWEEFEAQTE1JG2

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 19 Oct 2022 21:09:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
SEXEMAVK76D1T6R2J3AQ
367.json
id5-sync.com/g/v2/ 		456 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/367.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
5c21c152d99aac3c5c496bbf955c21143f6f2d03684b4cbd68813cf93ae7ada1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Oct 2022 21:09:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://heavy.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
pr
s.amazon-adsystem.com/v3/ Frame 5186 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3ea827ece592695c114241962ca8a1b473dff1249daa1091d2a17cf0b74a6499
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3045
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 19 Oct 2022 21:09:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
Z0FMQ1Y3PSRH6RYDZBE2
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HTd_qHwwTHFvcGk4RHhKTlBiL2NJNS9GTW9EM1ZHT1BSMEhsaXpoUjFHRkwrMFJRNUtxUjNuSE9Hd2sxbU5oSzVjUzYwL01SeStpZ1hXS3RiS1J0N3EydEpRcGlhNVYybFJrUFhsb21DbXFKd2tMUUptWUN3OGExV0xyck56SW1uRGRHT21Idy9naTBZc1hxb2c3SEVlcFljZEFwY2JXSjY5ZFF4OXN3N0JhN29yTTRhSm1jalcyQURRZk1qN09ZS1hldDVhSXJTK2lZSEdnUDVyRXJHVEZpUEtLRllQdEVtTHJvUk9PS2tUQXBlVitJPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 19 Oct 2022 21:09:44 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
516735
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 5186
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9M39Z01DAZYWS2P5MCXJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
Date
Wed, 19 Oct 2022 21:09:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/match/ Frame 5186 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.184 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip184.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
amzns2s
rtb.gumgum.com/usync/ Frame 2772 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.180.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-180-95.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5800a5549a26f82055f6c044400b96307a1d081f6127ddbefd57446a43f9988b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 19 Oct 2022 21:09:45 GMT
etag
W/"0768a281152a347dea65fe6cac0c0a9f0"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame F504
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b7d8cdb9e7c9a81827f9c3ea7a87822c88482e10c1aacd3217d20fa0f4afdb2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75cc7f1f38d98cc5-EWR
content-encoding
br
content-type
text/html
date
Wed, 19 Oct 2022 21:09:45 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=062dtGAXTPB0KvXANCMM5IJlv8KuRAGfYRss0oMM9fSm%2B5oIvQk9XquSZ%2B86m3dqnTstPofNfm9Um15XWeSlnPGao5VGNUexfP14%2FQatbh4t3Z1uB11j%2ByJ8VKh5qQGbMIDPSsIiFlsOuw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75cc7f1ecb53180d-EWR
content-length
0
date
Wed, 19 Oct 2022 21:09:45 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2B%2BKLOoB7M0rN85dMOGi3kr78FnWeymBSjy1LKs%2BIYAbIcrXgfmimObSKaREIj2sU3jL7cIKTe3QafKA9ttOYgsA34CTMTiv84GP947GJMt9IIiIdYY%2Fi7ZkSpn6wpX2IDeXsI8osnm3uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame F9DC 		427 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
fd2fbd0ee422c2021edd3cc85d3cd9b3e5c06e0c57091c400f405e09889bd21a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
427
date
Wed, 19 Oct 2022 21:09:45 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9C1A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=153845
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 19 Oct 2022 21:09:45 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 21 Oct 2022 15:53:50 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame D2FF 		897 B
756 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.154.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-154-204.compute-1.amazonaws.com
Software
/
Resource Hash
fb980cfc2fbdd0d93f9f77103d10c1c8e5c42079705bcb57be108cfe1574bbae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 19 Oct 2022 21:09:45 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame A9CD 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Oct 2022 21:09:45 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame C556
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1fSHNTcUpSRTJ1S1diSnRYWEJkcDJ0QTczYXBzelp3dX5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1fSHNTcUpSRTJ1S1diSnRYWEJkcDJ0QTczYXBzelp3dX5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
3C7KRSY7RP51TNKESVF4

Redirect headers

age
0
content-length
0
date
Wed, 19 Oct 2022 21:09:45 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1fSHNTcUpSRTJ1S1diSnRYWEJkcDJ0QTczYXBzelp3dX5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
cm
u.openx.net/w/1.0/ Frame 9698 		722 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
bf46ed887799ed2214804f4732e18a728cf4eb8dd1c64884dae61df97abf73d3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
459
content-type
text/html
date
Wed, 19 Oct 2022 21:09:45 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame E13F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=1459971591854656313&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=1459971591854656313&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
H2GY3ZVEZPQMCG06FE1G

Redirect headers

AN-X-Request-Uuid
e7c8c252-1def-44cf-bf4a-af993b0dd5eb
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 19 Oct 2022 21:09:45 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=1459971591854656313&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
96.9.249.37; 96.9.249.37; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame 29E5
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1800898157156868043624
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1800898157156868043624
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:45 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
PADSWJENV54H23K7HVDT

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 19 Oct 2022 21:09:45 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1800898157156868043624
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=rp-pbs&gdpr=&gdpr_consent=&account=9262&us_privacy=1---
  • https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=9262&uid=L9G4O0W2-1F-G7NF&us_privacy=1---
86 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=9262&uid=L9G4O0W2-1F-G7NF&us_privacy=1---
Protocol
H2
Server
54.210.32.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-32-188.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&account=9262&uid=L9G4O0W2-1F-G7NF&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 9698 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=3ebe5306-b8d4-cb4d-0467-e501da2c76a4
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TJWG3WNDX2QV39HEJ813
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ny75r2x0
sync-tm.everesttech.net/ct/upi/pid/ Frame 9698
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y1BnmQABozmFZQAT
85 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y1BnmQABozmFZQAT
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by
cache-ewr18121-EWR
pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
2145
x-timer
S1666213786.552182,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
18427

Redirect headers

x-served-by
cache-ewr18121-EWR
pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1666213785.485900,VS0,VE8
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y1BnmQABozmFZQAT
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
f2af493f-34d2-e2fe-f5be-71634d48700d
pr-bh.ybp.yahoo.com/sync/openx/ Frame 9698 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/f2af493f-34d2-e2fe-f5be-71634d48700d?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:9805:2364:1f96:8667 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame 9698
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=66682f7b-a47e-70b7-c469-6796b21fbd44&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=ea221eaf-db5b-4d4d-a055-5e9c544a934a&ttd_puid=66682f7b-a47e-70b7-c469-6796b21fbd44&gdpr=0&gdpr_consent=
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ea221eaf-db5b-4d4d-a055-5e9c544a934a&ttd_puid=66682f7b-a47e-70b7-c469-6796b21fbd44&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ea221eaf-db5b-4d4d-a055-5e9c544a934a&ttd_puid=66682f7b-a47e-70b7-c469-6796b21fbd44&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 9698
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGEwN2ZjYjEtNmQwOS0yZTEzLWQxODktM2QyZjc4ZmQ3MzI0
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGEwN2ZjYjEtNmQwOS0yZTEzLWQxODktM2QyZjc4ZmQ3MzI0&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGEwN2ZjYjEtNmQwOS0yZTEzLWQxODktM2QyZjc4ZmQ3MzI0&google_tc=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGEwN2ZjYjEtNmQwOS0yZTEzLWQxODktM2QyZjc4ZmQ3MzI0&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 9698
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKJ-td9VtNlKJ_4z6VoTHU4&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKJ-td9VtNlKJ_4z6VoTHU4&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKJ-td9VtNlKJ_4z6VoTHU4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A9CD 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6a5ff401242699df6eb015132706b38e09e1a50bf0777914b452fa8d8da47352

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 19 Oct 2022 21:09:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27070
Connection
keep-alive
Content-Length
9455
Expires
Thu, 20 Oct 2022 04:40:55 GMT
usersync
usersync.gumgum.com/ Frame 2772
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1459971591854656313
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1459971591854656313
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
AN-X-Request-Uuid
4d4bf206-9274-4a7c-96f5-dea7f7b293a5
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=1459971591854656313
Connection
keep-alive
X-Proxy-Origin
96.9.249.37; 96.9.249.37; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 2772 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_caf1e975-8dec-4d9a-9b95-87f34246c4dd&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 19 Oct 2022 21:09:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookie-sync
sync.outbrain.com/ Frame 2772
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_caf1e975-8dec-4d9a-9b95-87f34246c4dd&obuid=ENC(-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7Bus...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26u...
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=b3ce8c41-96a3-4d8a-9a24-33e480d4cbe8-63506799-5553&obUid=-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql&gdpr=$GDPR_APPLIES&gdpr_...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=centro&uid=b3ce8c41-96a3-4d8a-9a24-33e480d4cbe8-63506799-5553&obUid=-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 19 Oct 2022 21:09:46 GMT
Cache-Control
no-cache
X-TraceId
01634b192e25b69d0b2f77517d9ca551
Content-Length
0

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.outbrain.com/cookie-sync?p=centro&uid=b3ce8c41-96a3-4d8a-9a24-33e480d4cbe8-63506799-5553&obUid=-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
usersync
usersync.gumgum.com/ Frame 2772
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=91558b0b-8c6b-48e1-a312-777b7a4fbc02
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=91558b0b-8c6b-48e1-a312-777b7a4fbc02
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 19 Oct 2022 21:09:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=91558b0b-8c6b-48e1-a312-777b7a4fbc02
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 2772
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-25cd64a8-b926-4813-645b-06246ff38a7a$ip$96.9.249.37
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-25cd64a8-b926-4813-645b-06246ff38a7a$ip$96.9.249.37
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-25cd64a8-b926-4813-645b-06246ff38a7a$ip$96.9.249.37
Date
Wed, 19 Oct 2022 21:09:45 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 2772
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-uQhU6NZE2pctje0GoGKLL.vimjTnJATJLFSb~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-uQhU6NZE2pctje0GoGKLL.vimjTnJATJLFSb~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 19 Oct 2022 21:09:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-uQhU6NZE2pctje0GoGKLL.vimjTnJATJLFSb~A
content-length
0
usersync
usersync.gumgum.com/ Frame 2772
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=00cbb128-5090-4476-ac80-689ec2a6de42
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=00cbb128-5090-4476-ac80-689ec2a6de42
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=00cbb128-5090-4476-ac80-689ec2a6de42
Date
Wed, 19 Oct 2022 21:09:45 GMT
Connection
keep-alive
X-CI-RTID
23f1b641-c1f8-4b46-b230-ab155a67feff
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 2772
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=BAE55024BA764B8FA32FC61D7F5DADB1
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=BAE55024BA764B8FA32FC61D7F5DADB1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 19 Oct 2022 21:09:45 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
138684572
location
https://usersync.gumgum.com/usersync?b=snc&i=BAE55024BA764B8FA32FC61D7F5DADB1
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 2772 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 19 Oct 2022 21:09:44 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 2772
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_caf1e975-8dec-4d9a-9b95-87f34246c4dd&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=xjULo2IyAEivT6_B8v6S&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHV4GUVKMN4ZES6KBIVUXMVBWL5BDQ5RWKM
  • https://usersync.gumgum.com/usersync?b=zem&i=xjULo2IyAEivT6_B8v6S
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=xjULo2IyAEivT6_B8v6S
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=xjULo2IyAEivT6_B8v6S
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 2772
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=bca6f3d6-3227-4fd1-ac52-27c252705d22
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=bca6f3d6-3227-4fd1-ac52-27c252705d22
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=bca6f3d6-3227-4fd1-ac52-27c252705d22
access-control-allow-origin
*
date
Wed, 19 Oct 2022 21:09:45 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 2772
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1666213785676
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=234604614
  • https://sync.1rx.io/usersync/tradedesk/ea221eaf-db5b-4d4d-a055-5e9c544a934a
  • https://sync.targeting.unrulymedia.com/csync/RX-42fe4f10-96f3-4e8e-8927-d871d62890c3-005?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-42fe4f10-96f3-4e8e-8927-d871d62890c3-005
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-42fe4f10-96f3-4e8e-8927-d871d62890c3-005
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-42fe4f10-96f3-4e8e-8927-d871d62890c3-005
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Wed, 19 Oct 2022 21:09:45 GMT
Server
Tengine
ETag
RX42fe4f1096f34e8e8927d871d62890c3005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-42fe4f10-96f3-4e8e-8927-d871d62890c3-005
Content-Type
text/html
Connection
keep-alive
usersync
usersync.gumgum.com/ Frame 2772
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=UQLtaa4RhPRA&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=UQLtaa4RhPRA&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=UQLtaa4RhPRA&ev=1&pid=558355
content-language
en-US
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6bdd85b5c9-bw8f9
expires
-1
usersync
usersync.gumgum.com/ Frame 2772
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=2139460615108408755
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=2139460615108408755
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=2139460615108408755
date
Wed, 19 Oct 2022 21:09:45 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 2772 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_caf1e975-8dec-4d9a-9b95-87f34246c4dd
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZEHVWJXM72NBHJ2HX5E2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame F9DC 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=3f974b2f-e251-4612-96e5-be2c7e872259
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
30WE651XSFJCAZ7SQJRE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame F9DC
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://b1sync.zemanta.com/usersync/sharethrough?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=QU-QUaoE3OumbmkcRxSQ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS63LBORRWQLTTNBQXEZLUNBZG65LHNAXGG33NF5ZXS3TDF53DCP3FPBRWQYLOM5ST243IMFZGK5DIOJXXKZ3IEZTWI4DSHUYCM43POVZGGZK7NFSD2YJXHEZTKMZQGU4DC...
  • https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=QU-QUaoE3OumbmkcRxSQ
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=QU-QUaoE3OumbmkcRxSQ
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.198.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:45 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Content-Type
text/html; charset=utf-8
Location
https://match.sharethrough.com/sync/v1?gdpr=0&source_id=a7935305814f8c5e2a34ba54&source_user_id=QU-QUaoE3OumbmkcRxSQ
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
147
Expires
Thu, 01 Dec 1994 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame F9DC
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.198.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:45 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame F9DC
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.198.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:45 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame F9DC
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://sync.srv.stackadapt.com/sync?nid=15
  • https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-d32b6063-2ce6-4894-7061-58faa596c68c$ip$96.9.249.37
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-d32b6063-2ce6-4894-7061-58faa596c68c$ip$96.9.249.37
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
54.198.189.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-189-0.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:45 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
https://match.sharethrough.com/sync/v1?source_id=f832af09fdaea37e940528ab&source_user_id=0-d32b6063-2ce6-4894-7061-58faa596c68c$ip$96.9.249.37
Date
Wed, 19 Oct 2022 21:09:45 GMT
Connection
keep-alive
Content-Length
169
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 73AB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=17336350-6799-4700-a300-f79b24069d01&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=17336350-6799-4700-a300-f79b24069d01&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:45 GMT
Expires
Wed, 19 Oct 2022 21:09:44 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4539 98cc2da master iad-pixel-x10 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=17336350-6799-4700-a300-f79b24069d01&gdpr=&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 4584
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=Y1BnmQAAATVtmwAO
  • https://usersync.gumgum.com/usersync?b=atm&i=Y1BnmQAAATVtmwAO&gdpr=&gdpr_consent=&_test=Y1BnmQAAATVtmwAO
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y1BnmQAAATVtmwAO&gdpr=&gdpr_consent=&_test=Y1BnmQAAATVtmwAO
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 19 Oct 2022 21:09:45 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y1BnmQAAATVtmwAO&gdpr=&gdpr_consent=&_test=Y1BnmQAAATVtmwAO
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-ewr18121-EWR
x-timer
S1666213786.540272,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame FCC1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jYWYxZTk3NS04ZGVjLTRkOWEtOWI5NS04N2YzNDI0NmM0ZGQ=&gdpr=&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jYWYxZTk3NS04ZGVjLTRkOWEtOWI5NS04N2YzNDI0NmM0ZGQ=&gdpr=&gdpr_consent=&google_tc=
170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jYWYxZTk3NS04ZGVjLTRkOWEtOWI5NS04N2YzNDI0NmM0ZGQ=&gdpr=&gdpr_consent=&google_tc=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 21:09:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
363
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 21:09:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jYWYxZTk3NS04ZGVjLTRkOWEtOWI5NS04N2YzNDI0NmM0ZGQ=&gdpr=&gdpr_consent=&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 50A2 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=153845
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 19 Oct 2022 21:09:45 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 21 Oct 2022 15:53:50 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame B67B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=ea221eaf-db5b-4d4d-a055-5e9c544a934a
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=ea221eaf-db5b-4d4d-a055-5e9c544a934a
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Wed, 19 Oct 2022 21:09:45 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=ea221eaf-db5b-4d4d-a055-5e9c544a934a
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 5320
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
  • https://cs.emxdgt.com/umcheck?apnxid=1459971591854656313&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
  • https://usersync.gumgum.com/usersync?b=emx&i=1459971591854656313brt56781666213785614770af
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=1459971591854656313brt56781666213785614770af
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Wed, 19 Oct 2022 21:09:45 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=1459971591854656313brt56781666213785614770af
usersync
usersync.gumgum.com/ Frame E71A
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y1BnmcCo8X0AAN.44fkAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y1BnmcCo8X0AAN.44fkAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 19 Oct 2022 21:09:47 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y1BnmcCo8X0AAN.44fkAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
151
X-SO-Cluster-ID
56
X-SO-HostName
a-ad40072.dc2p.scaleout.jp
X-SO-IP
96.9.249.37
X-SO-Key
Y1BnmcCo8X0AAN.44fkAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":56,"gdpr":false,"ipv4":"96.9.249.37","key":"Y1BnmcCo8X0AAN.44fkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40072"}
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40072
usersync
usersync.gumgum.com/ Frame 550C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y1BnmdhmOIisWEAbAzRkEAAA%26043
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y1BnmdhmOIisWEAbAzRkEAAA%26043
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75cc7f1f79448cc5-EWR
content-length
0
date
Wed, 19 Oct 2022 21:09:45 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y1BnmdhmOIisWEAbAzRkEAAA%26043
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enagv8bH37VrrPDRpDJ3CLGZeaXVwxkuarVMxIcqH6eyNxUjNw27pcH%2Fi%2BvQo6jFOfZder3AFczQBDWqImSY%2FjhJfcQRceetdUoTWed5JP6cCOa3lhDK8bVtSTlJcQYV3RLQsY%2BWkCW8zg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 93C9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=RIOIcuz9a1eWW20AaWR0&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=RIOIcuz9a1eWW20AaWR0&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:45 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 19 Oct 2022 21:09:45 GMT Wed, 19 Oct 2022 21:09:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=RIOIcuz9a1eWW20AaWR0&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 90C0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Oct 2022 21:09:45 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 19 Oct 2022 21:09:45 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
ecm3
s.amazon-adsystem.com/ Frame D2FF 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=ga42885b583c005b4ae9
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V7YWBVFMXBJ6150XYFHD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame D2FF
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=yieldmo
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=yieldmo
  • https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=1143ebb9-27ee-49a7-bf6c-ab6a434450bd&gdpr=&gdpr_pd=&gdpr_consent=
43 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=mf&userid=1143ebb9-27ee-49a7-bf6c-ab6a434450bd&gdpr=&gdpr_pd=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.203.204.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-204-136.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

location
//ads.yieldmo.com/v000/sync?pn_id=mf&userid=1143ebb9-27ee-49a7-bf6c-ab6a434450bd&gdpr=&gdpr_pd=&gdpr_consent=
date
Wed, 19 Oct 2022 21:09:45 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ads.yieldmo.com/v000/ Frame D2FF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g5ff9137a71aab1064c5
  • https://ads.yieldmo.com/v000/sync?tdid=ea221eaf-db5b-4d4d-a055-5e9c544a934a
43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=ea221eaf-db5b-4d4d-a055-5e9c544a934a
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.203.204.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-204-136.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=ea221eaf-db5b-4d4d-a055-5e9c544a934a
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
sync
ads.yieldmo.com/ Frame D2FF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=yieldmo
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=yieldmo&bsw_custom_parameter=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=5ce5ed47-a050-4072-ba03-5e50c6e0d3c6&expires=1&user_group=5&ssp=yieldmo&bsw_param=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
  • https://ads.yieldmo.com/sync?userid=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
43 B
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?userid=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.203.204.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-204-136.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Location
//ads.yieldmo.com/sync?userid=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc&pn_id=bsw&extinit=0&gdpr=&gdpr_consent=
Date
Wed, 19 Oct 2022 21:09:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
ads.yieldmo.com/v000/ Frame D2FF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=1459971591854656313&pn_id=an
43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=1459971591854656313&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.203.204.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-204-136.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma

Redirect headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
AN-X-Request-Uuid
792243a1-81bb-4599-9130-d062cf248a5a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.yieldmo.com/v000/sync?userid=1459971591854656313&pn_id=an
Connection
keep-alive
X-Proxy-Origin
96.9.249.37; 96.9.249.37; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D2FF 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=Z2E4MDhlNzZiMjIzZmVmZGZkYjA=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F504
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&expiration=1668805785&gdpr=0&gdpr_consent=
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&expiration=1668805785&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&expiration=1668805785&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame F504
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y1BnmdhmOIisWEAbAzRkEAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP_mRaoBz-xAnUx-vganWOg&google_cver=1
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP_mRaoBz-xAnUx-vganWOg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEP_mRaoBz-xAnUx-vganWOg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame F504
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1BnmdhmOIisWEAbAzRkEAAAACsAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJGEYB2QjgT4VjmdbjYu7M8&google_cver=1
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJGEYB2QjgT4VjmdbjYu7M8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzM8W9x6I3iY9snpQ4RtL67VFngjTQyX5C6Oiz4vVMkxf%2BGJlMGWKhUW5pAO0VExl5xZS5p6aA5pl0ptKwYIhULkqFpQVBWsrE0xbpo1cvgUpTwBBG8%2BljTuZv%2FGB%2Fg4F1etsJl0KfkXmw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75cc7f206b3b8cc5-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEJGEYB2QjgT4VjmdbjYu7M8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F504 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1BnmdhmOIisWEAbAzRkEAAAACsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QPDAM47P18H85JX7FG5G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame F504
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=218f306fa4a015ca&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAABzSqMRMPhIgN8IYQuAAAAAAA&expiration=1666300185&is_secure=true
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAABzSqMRMPhIgN8IYQuAAAAAAA&expiration=1666300185&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAABzSqMRMPhIgN8IYQuAAAAAAA&expiration=1666300185&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame F504
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=aJ0rdWhn1OLgjT5
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=aJ0rdWhn1OLgjT5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-02384098824f4665e@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=aJ0rdWhn1OLgjT5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame F504
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1BnmdhmOIisWEAbAzRkEAAA%26043?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1BnmdhmOIisWEAbAzRkEAAA%26043
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1BnmdhmOIisWEAbAzRkEAAA%26043
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v040-00d50c06a.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
5PhDoNozQgQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v040-0b419234c.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
V3UMURwpQ+M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1BnmdhmOIisWEAbAzRkEAAA%26043
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame F504
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2D25B5DE5A984F5495D4F999FC6708B9
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2D25B5DE5A984F5495D4F999FC6708B9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Wed, 19 Oct 2022 21:09:45 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2D25B5DE5A984F5495D4F999FC6708B9
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 18 Oct 2022 21:09:45 GMT
ecm3
s.amazon-adsystem.com/ Frame F504 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Y1BnmdhmOIisWEAbAzRkEAAAACsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HA2VWDP77RTR9GN9SQ4P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=heavy.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1498782160631704&correlator=977321911253570&eid=31068457%2C31070044&output=ldjh&gdfp_req=1&vrg=2022101301&ptt=17&impl=fifs&us_privacy=1---&tfcd=0&iu_parts=18190176%3A25816858%2CAdThrive_Footer_1%2C5ad7479721520f50ab7da88e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C320x50%7C970x90%7C300x50%7C320x100%7C468x60%7C1x1&fluid=height&ifi=1&adks=2549405575&sfv=1-0-38&fsbs=1&fsapi=false&prev_scp=location%3DFooter%26sequence%3D1%26id%3DAdThrive_Footer_1_desktop%26ATF%3Dtrue%26sticky%3Dtrue%26lazy%3Dfalse%26refresh%3D00%26nref%3D0%26hvp%3D80%26amznbid%3D2%26amznp%3D2%26flag_slot%3Dfv%253Af%2Chbf%253A0%26hb_bidder%3DnoBid&eri=5&cust_params=flag%3Dtarget%253Aes2018%252Cadsmnche%253A204%252Cclson%253Afalse%252CclsBranch%253A%252CclsBucket%253A%252Clmdv%253A1.11.0%252Cidp%253Apc%252Crf%253A1%26at_custom_1%3Dheavy_home%26siteId%3D5ad7479721520f50ab7da88e%26organizationId%3D6233884d4980a8708835b331%26siteName%3DHeavy%26verticals%3DSports%252CNews%26abgroup%3Ddelload%253Aon%252Cdeftimer2%253A200%252Camzn%253Aon%252Cwvtls%253Aon%252Ctpcapi%253Aon%252Camzn_hold_load%253Aoff%252Cflr%253Acm%252Clzflr%253A60%252Cclsins_ss%253Atrue%252Cebho%253Averizon_ebda%252Cloglevel%253Aoff%252Cidho%253Aoff%252Clzhb%253Aon%252Clzcvp%253A2%252Clzbpvp%253A0.25%252Ctripleliftdr%253Aboth%252Cmagnitedr%253Aboth%252Cpbs2s_appnexus%253Aoff%252Cpbs2s_grid%253Aon%252Cpbs2s_gumgum%253Aon%252Cpbs2s_openx%253Aoff%252Cadt%253A1%252Cito_df%253A2300%252C3pho%253Anone%252Cvebho%253Aspotx_ebda%252Ccbt%253A4s%252Cvast_to%253A10s%252Cproto%253Aall%252Cpbm%253Aon%252CreqTo%253A15%252Cvadv%253Aon%252Csmhd100%253Aoff%252Csmad300%253Aon%252Cs2sbuff%253Aoff%252Ccoldr%253Aboth%252Crmos1%253Aoff%252Csocon%253A0%252Csab%253Aon%252Cdco%253Arelaxed%252Cmxrpog%253A4%252Cdajto%253Aoff%252Cjwb%253Aoff%252Cvpred_1%253A90%252Ccrtvmon%253Aoff%252Cpba%253Anone%252Camzn_hold_disp%253Aon%252Cbmetrics%253Aon%252Cconfiant%253Aprod%252Ccnfep%253Aoff%252Crefflr2%253A1.1%252Crefvidflr%253A1%252Csocbe%253Asovpct2%252Clogcls%253Aoff%252Csidp%253Aoff%252Crebuildslot%253Aon%252Cupl%253Aoff%252Csekho%253Aoff%252Csospp%253Aon%252Crmosnv1%253Aoff%26bucket%3Dflex-31%26sens%3Dalc%252Cast%252Cconl%252Ccosm%252Cdat%252Cdrg%252Cgamc%252Cgamv%252Cpol%252Crel%252Csst%252Cssr%252Csrh%252Cwtl%26domain%3Dheavy.com%26plugin%3Dcam-manual%26hi_au%3Dod%252Com%26vpwxvph%3D1600x1200%26ri%3D88%26pvk%3D01GFS19B1PVZCK1G2FHHYX9DJT%26sess%3D01GFS19B1P4WHBPBQCM2Q2BXZ3%26branch%3Dac9686f%26deployment%3D2022-10-19-5%253Aadm-388%253Apr2787%253Aac9686f%26hbho%3D33across%252Cconversant%26vbho%3Dnone%26gptv%3D2022101301%26connection%3Dniet%253A4g%252Cdl%253A10%26fpv%3D1%26mcmp%3DBA_GAA2554%252CBA_GAM3554%252CBA_GAM2549%252CHOME%252CAO_SNDE%252CBA_CAMSF19%252Ciabc_483%252CBA_WSKW20%26site_code%3DA2549_Phone_49%252CA2554_Phone_58%252CA3599_Desk_72%252CA3599_Phone_72%252CA4599_Desk_57%252CAFOI_2020%252CALC_072019%252CATT_2020%252CATZN_2020%252CC1_HV_Phone_T50%252CC2_HV_Phone_T50%252CEXCLAA_19%252CMGBW_2021%252CMIQWO_2022%252CMSPWL_2021%252CRDST_2020%252CTYS_062019%252CUNI_DSK_HV%252CUNI_PHN_HV_C1%252CUNI_PHN_HV_R1%252CUNI_PHN_RHV%252CUNI_TAB_HV%252CUNI_TAB_HV_C1%252CUNI_TAB_RHV%252CVITFM_21%252CXUNI_2020%26marmalade%3Dtrue&sc=1&cookie_enabled=1&abxe=1&dt=1666213785628&dlt=1666213783229&idt=1536&adxs=436&adys=1130&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fheavy.com%2F&frm=20&vis=1&psz=1600x4384&msz=1600x-1&fws=516&ohw=1600&ga_vid=75630370.1666213783&ga_sid=1666213786&ga_hid=1796467786&ga_fc=true&cbidsp=CrwFCAESEQoIdHJpcGxfc3MQkAYgAjgCEg0KBGdyaWQQjwYgAjgCEhMKCmJyaWdodHJvbGwQjwYgAjgCEhAKB3B1Ym1fc3MQjwYgAjgCEhAKB3J1Ymlfc3MQjwYgAjgCEhAKB3lpZWxkbW8QjwYgAjgCEg8KBnVucnVseRCPBiACOAISDwoGZ3VtZ3VtEI8GIAI4AhIPCgZjb2xfc3MQjwYgAjgCEgwKBXRlYWRzEK0BIAISCQoCaXgQpAEgAhIJCgJpeBCkASACEgkKAml4EKQBIAISCQoCaXgQpAEgAhIJCgJpeBCkASACEgwKBWthcmdvENUBIAISDAoGY3JpdGVvEHogAhIQCgp0cmlwbGVsaWZ0EG0gAhIMCgVvcGVueBDYASACEg4KB3Zlcml6b24Q-QEgAhIOCgd2ZXJpem9uEPkBIAISDgoHdmVyaXpvbhD5ASACEg8KCHB1Ym1hdGljELQBIAISDgoHcnViaWNvbhChAyACEg8KCHlhaG9vc3NwEKgCIAISDwoIeWFob29zc3AQqAIgAhIPCgh5YWhvb3NzcBCoAiACEg8KCGFwcG5leHVzEIgBIAISEwoMc2hhcmV0aHJvdWdoEI8BIAISEwoMc2hhcmV0aHJvdWdoEI8BIAISEwoMc2hhcmV0aHJvdWdoEI8BIAISEwoMc2hhcmV0aHJvdWdoEI8BIAISEwoMc2hhcmV0aHJvdWdoEJABIAISCgoDdHRkEIsBIAISDwoIY29sb3NzdXMQggEgAhINCgdyb3VuZGVsEAEgAhINCgdyb3VuZGVsEAEgAhINCgdyb3VuZGVsEAEgAhINCgdyb3VuZGVsEAEgAhINCgdyb3VuZGVsEAEgAhgCIiRkMzNlMjViZC05MTEzLTQzYTEtYTM4NC1mNWNmMWZjM2FhNDAqBAgDIABKAEC0EA..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
254ca9d462cba21afda208e08e58490858355a974100886ecf035f036a69eed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12322
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://heavy.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a87f2cb907d8c732ef47486fe1722f608b067a4b0d67831c877f3071a6d6f7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11272
x-xss-protection
0
container.html
abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 60FF 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heavy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 21:09:45 GMT
expires
Thu, 19 Oct 2023 21:09:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sync
eb2.3lift.com/ Frame 73C1 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
32ec385fa84cc6ca98181f5b9fdf7bf726c3399414c6885cc48da80da1691257

Request headers

Referer
https://heavy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1243
content-type
text/html; charset=utf-8
date
Wed, 19 Oct 2022 21:09:45 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ecm3
s.amazon-adsystem.com/ Frame A9CD
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=L9G4O0W2-1F-G7NF
  • https://s.amazon-adsystem.com/ecm3?id=L9G4O0W2-1F-G7NF&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=L9G4O0W2-1F-G7NF&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VE8V2DGYXHT9BZ4CBDXA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=L9G4O0W2-1F-G7NF&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
Expires
0
usync.js
eus.rubiconproject.com/ Frame 90C0 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6a5ff401242699df6eb015132706b38e09e1a50bf0777914b452fa8d8da47352

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 19 Oct 2022 21:09:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27070
Connection
keep-alive
Content-Length
9455
Expires
Thu, 20 Oct 2022 04:40:55 GMT
xuid
eb2.3lift.com/ Frame 73C1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=ea221eaf-db5b-4d4d-a055-5e9c544a934a&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=ea221eaf-db5b-4d4d-a055-5e9c544a934a&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 19 Oct 2022 21:09:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=ea221eaf-db5b-4d4d-a055-5e9c544a934a&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 73C1
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTgwMDg5ODE1NzE1Njg2ODA0MzYyNA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 73C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECWQB8qQH7ToTYqJwUefvpQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECWQB8qQH7ToTYqJwUefvpQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 19 Oct 2022 21:09:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECWQB8qQH7ToTYqJwUefvpQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 73C1
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTgwMDg5ODE1NzE1Njg2ODA0MzYyNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTgwMDg5ODE1NzE1Njg2ODA0MzYyNA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTgwMDg5ODE1NzE1Njg2ODA0MzYyNA%3D%3D
date
Wed, 19 Oct 2022 21:09:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 73C1
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1800898157156868043624&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1800898157156868043624&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e66c6cdd-5744-4a0b-a054-4f2f77bf6bbc&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e66c6cdd-5744-4a0b-a054-4f2f77bf6bbc&_noobservation=1&_expected_cookie=4ddd78d...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e66c6cdd-5744-4a0b-a054-4f2f77bf6bbc&_noobservation=1&_expected_cookie=4ddd78d92026f6ba069aa6b066cd0f65
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
104.18.98.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Wed, 19 Oct 2022 21:09:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75cc7f234ae5c448-EWR
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e66c6cdd-5744-4a0b-a054-4f2f77bf6bbc&_noobservation=1&_expected_cookie=4ddd78d92026f6ba069aa6b066cd0f65
date
Wed, 19 Oct 2022 21:09:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75cc7f22ea2cc448-EWR
content-length
0
xuid
eb2.3lift.com/ Frame 73C1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1800898157156868043624&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=ea73ac56-671f-48a7-b0ee-846b9b6fd698&ssp=triplelift&expires=30&user_group=5&bsw_param=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
  • https://eb2.3lift.com/xuid?mid=2409&xuid=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 19 Oct 2022 21:09:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 19 Oct 2022 21:09:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 73C1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1800898157156868043624?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-WI_5w1BE2oTnnBY7dvFpqD_d87IUmrFm5G4FHlAASQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-WI_5w1BE2oTnnBY7dvFpqD_d87IUmrFm5G4FHlAASQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 19 Oct 2022 21:09:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 19 Oct 2022 21:09:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-WI_5w1BE2oTnnBY7dvFpqD_d87IUmrFm5G4FHlAASQ--~A&dongle=0883
content-length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 73C1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1800898157156868043624
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
c.gif
c.bing.com/ Frame 73C1 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1800898157156868043624&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
last-modified
Thu, 13 Oct 2022 20:05:21 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B57F824B291649879E501B31529B1B58 Ref B: EWR311000102019 Ref C: 2022-10-19T21:09:45Z
etag
"b656771f3fdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 73C1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=QU-QUaoE3OumbmkcRxSQ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5KFKS2UKVMFXUK...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=QU-QUaoE3OumbmkcRxSQ
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=QU-QUaoE3OumbmkcRxSQ
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
date
Wed, 19 Oct 2022 21:09:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:46 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=QU-QUaoE3OumbmkcRxSQ
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
setuid
prebid-server.rubiconproject.com/ Frame 73C1 		0
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=triplelift&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=b&uid=1800898157156868043624
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.32.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-32-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Oct 2022 21:09:45 GMT
tap.php
pixel.rubiconproject.com/ Frame A9CD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/BQZanTKepWlGnyvGQLrTgsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8788514985055424714
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8788514985055424714
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 19 Oct 2022 21:09:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8788514985055424714
content-length
0
tap.php
pixel.rubiconproject.com/ Frame A9CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHFwpWDSixq5O4t78b1PBRg&google_cver=1
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHFwpWDSixq5O4t78b1PBRg&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHFwpWDSixq5O4t78b1PBRg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame A9CD 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:46 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
129W3J91F0AF084XWKRC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A9CD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHNE8wVzItMUYtRzdORg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHNE8wVzItMUYtRzdORg==
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHNE8wVzItMUYtRzdORg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78008fe701b681dce86a72fc23cacc40
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A9CD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTE5NTExYWI0NDJkZTRlYzdjMDNiMGFjNDNiZTU3N2NiOWMwZmI2YQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTE5NTExYWI0NDJkZTRlYzdjMDNiMGFjNDNiZTU3N2NiOWMwZmI2YQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTE5NTExYWI0NDJkZTRlYzdjMDNiMGFjNDNiZTU3N2NiOWMwZmI2YQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame A9CD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=gm0Hsk47QmOtMQ_UnwPwoQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=gm0Hsk47QmOtMQ_UnwPwoQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=gm0Hsk47QmOtMQ_UnwPwoQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FK1SC36J9D8QNVJ6FZFC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=gm0Hsk47QmOtMQ_UnwPwoQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A9CD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ea221eaf-db5b-4d4d-a055-5e9c544a934a&gdpr=0&gdpr_consent=&expires=30
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ea221eaf-db5b-4d4d-a055-5e9c544a934a&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=ea221eaf-db5b-4d4d-a055-5e9c544a934a&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
setuid
px.ads.linkedin.com/ Frame A9CD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9G4O0W2-1F-G7NF
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9G4O0W2-1F-G7NF
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-mediagrid_n-index_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:45 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A03A3285F0374124898DB5EF6BBA0F48 Ref B: NYCEDGE1310 Ref C: 2022-10-19T21:09:45Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXraaDU8w6bZwyZKs9Qww==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9G4O0W2-1F-G7NF
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0BF0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heavy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
70605
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 01:33:00 GMT
expires
Thu, 19 Oct 2023 01:33:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 644B 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1e7447dac59095827d6d837d8eb98b830878a872d22cbf590111cc4f2d32d5f5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-G3aBmLzMxbzbDb5VgoLrUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heavy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-G3aBmLzMxbzbDb5VgoLrUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 21:09:45 GMT
expires
Wed, 19 Oct 2022 21:09:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usersync
usersync.gumgum.com/ Frame 90C0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L9G4O0W2-1F-G7NF
  • https://usersync.gumgum.com/usersync?b=mag&i=L9G4O0W2-1F-G7NF
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L9G4O0W2-1F-G7NF
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:45 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=L9G4O0W2-1F-G7NF
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
pagead2.googlesyndication.com/bg/ Frame 0BF0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:56:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15945
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 18:56:22 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 644B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101301&jk=1498782160631704&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 0BF0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Rvc5zQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1-...
  • https://sync.targeting.unrulymedia.com/csync/RX-42fe4f10-96f3-4e8e-8927-d871d62890c3-005?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=RX-42fe4f10-96f3-4e8e-8927-d871d62890c3-005
86 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=RX-42fe4f10-96f3-4e8e-8927-d871d62890c3-005
Protocol
H2
Server
54.210.32.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-32-188.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

Date
Wed, 19 Oct 2022 21:09:46 GMT
Server
Tengine
ETag
RX42fe4f1096f34e8e8927d871d62890c3005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=RX-42fe4f10-96f3-4e8e-8927-d871d62890c3-005
Content-Type
text/html
Connection
keep-alive
/
hde.tynt.com/deb/ Frame E3E5
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26g...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_cons...
  • https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_con...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
4628a738d45d13db7966d5927603aed60d673bebbef468283149b3034989514b

Request headers

Referer
https://heavy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1705
content-type
text/html
date
Wed, 19 Oct 2022 21:09:46 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Wed, 19 Oct 2022 21:09:45 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
container.html
abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 139D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202205091138/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heavy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 21:09:45 GMT
expires
Thu, 19 Oct 2023 21:09:45 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.html
eus.rubiconproject.com/ Frame 4C5E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=1---
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Oct 2022 21:09:46 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 19 Oct 2022 21:09:46 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
server
AkamaiGHost
setuid
prebid-server.rubiconproject.com/ Frame E3E5
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1666213786507.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=b&uid=117941801089978
0
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=b&uid=117941801089978
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
54.210.32.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-32-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=b&uid=117941801089978
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame E3E5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=1---
  • https://t.pswec.com/bsw_sync?ssp=the33across&bsw_user_id=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=the33across&bsw_user_id=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=4fac9b1d-0694-4b39-9fc9-ee84ada974d9&expires=3&user_group=1&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:47 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame E3E5
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&ts=1666213786507.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%2...
  • https://sync.mathtag.com/sync/img?us_privacy=1---&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D1---%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=1&external_user_id=17336350-6799-4700-a300-f79b24069d01
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=1&external_user_id=17336350-6799-4700-a300-f79b24069d01
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:46 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 19 Oct 2022 21:09:46 GMT
Server
MT3 4539 98cc2da master iad-pixel-x11 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=h&us_privacy=1---&bidder_id=1&external_user_id=17336350-6799-4700-a300-f79b24069d01
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 19 Oct 2022 21:09:45 GMT
match
events-ssc.33across.com/ Frame E3E5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-ZZHNX4xE2uEpsgRN5ORqRPFM51WyUo.G~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-ZZHNX4xE2uEpsgRN5ORqRPFM51WyUo.G%7EA&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-ZZHNX4xE2uEpsgRN5ORqRPFM51WyUo.G%7EA&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:46 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-ZZHNX4xE2uEpsgRN5ORqRPFM51WyUo.G%7EA&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame E3E5
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=1---
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=57b393ae16d104d0&is_secure=true&networkId=78390&version=1&us_privacy=1---
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAABtbfiBXwwigMLoX_MAAAAAAA&expiration=1666300186&is_secure=true&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABtbfiBXwwigMLoX_MAAAAAAA&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABtbfiBXwwigMLoX_MAAAAAAA&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:46 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:45 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAABtbfiBXwwigMLoX_MAAAAAAA&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame E3E5
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D1---%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=1---&xi=33&xu=1800898157156868043624
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1800898157156868043624&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1800898157156868043624&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:46 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=1800898157156868043624&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C718 		624 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2aiAIQx_3gAhjUuuPKATAB&v=APEucNWhdjtDbTHvfbXOyexi0fW6Z0ik6Ga3awf_uKedROrIvYCnFC7Z467hTD61_q_loYS18EvXCxZwBFJGvrajUdZd7M5V3Q
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 21:09:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 139D 		28 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTN-MKXa20iMzf5QkuKJ9Jmj9zSEl3svbX05mUStU7ZjpeN4v_1DQjMk3wG5p4xJna3yrLJ9v360r0BGagciMeLqkXXxtJB7CjzTjaOeaVwqptuHPk-oESfz4M_lFVHGwPXQC5orGb8y20FOjYPLKr39mlbC0q20wHeo9wLqMH16edb0Y&cry=1&dbm_d=AKAmf-BnF6RfdGjEuz6BK2V2yZixpZgU-g_-XtgfKbpp56Rc8U6OFJYJGlWoIDe4tFil1LCHg9_3RvHW9ibHv878jgUM-KvOIS-cl7yDTkpUX0Zo_-4CV3RCyuUcVFdF1f-tnKsLG-pzS7eF_Ehlyp7birGYHHg0_nYm0NAwKe1sHQj4QYAS2tfXPUAPGKEmpGXAgczdDTCbFyOjdlQgy2ymIdHKSVGr47RVeLW7iiUYuOleHbncPHHgXIEOf08an6ML24g03l_aaLs8VwstrKQcneR63MJYUYVy2tq2i-RZi65Eg4RziOM_bXdKC-eFEELzUZuTSYmDXATNNxztbzrRZ4qkg67fvhVUA74KeP98rjHaCkzrtNC4URC-U_rwTGkAnbhNT2fSjUiu6t2UI8sqtN7fqlrKWJF-Vh8PQZOVsacbd0asahwQKAV3fRK9W8R5Gbj_kM0AvSY9TPRH6nel-W5-rSZ5u29-1RpIcOBdvp0DAW_Ux5m18hfW9zfMnVxq0uynvsvdo-uX3oKkP4PEwGryz6hKyM-WGdnLk1GLgRYCHvbTuP2_VWOG819rzmJ8nzE6KZSDgOVIXNuRDNq19QoXAudf11NGbzvSfJr6bpGO0slYvF-v45L6KPLlyOZ8WY88dwr3Xw19wI5kN9pwzBfu5whiKn7tkgrOeaEGG-FPqlz_0PKAeSrSAaJ2cnh2BrbnR15nNR6V1BewOdDugUTYgXzRD3d4_YmbG2KdyvsRQTO4UAZ1hwdbj6jY62REvljMimwH-hqRPpSlAZEEdwNnmV6HSlHO0jLC6jYjAgzclaJZCqgAa4UDxn-Ah3rkeo54-omsqmclqhJISCRFlgh88rFGEzmXgfxhxipNMYGVZDAlq62NXtBekWqeXXZFzN2MccrIankx6JH8Sta2w1En8QS0xyesdIP-EHPZyiqAb9VnV2KY36fn8v4Iv5aJ69oXbf3bfN0xqZsdUCVcqerWzJV3l_YZSYmfsMqwxrjhF060WQzR7TN2TLk74H9O4En7uYoJcTxMWC8ctKu5fZeXApUJAYSwZuhAv3BWYKZvhkLJGeVB2pUa6HjCoa5S3nNAXS0HhxXE-yvq_fsVVJ6Cb1gXD9Jc6lZvEn8kBBauf4UEiIE_TrZGos6JfaDrdginObZJCOKcHU0pjaF6-xOK5pGBpNMgYB84dJGywbBfQJxOyJ1fEQmV97ZaLrjkesbOELQrNKZzDZXZzP9Pp_1fatSZf6H8S5cZSOWePKjPdcg7nexYVI57HPQlUZlLl403ZgZFeUdT034eP_DNzYiBLpnsgi9vtCtuuSl5NoPrhgH7DDHKEk392qJOX2aXutbcxSvc3zetu-dForctdqoNYr3EtUqt-fYQwMs2TEVeB3Db1ad5kUFzsWyr8Tt5Ci9tOAs7wLKPzpXtFGh8b1IEepEtLHVtftn_mIRgjmfuybjH8HShZIAvcq58ZdmeSqq6Dc9njPoiVZvnXL8R8_xr7P74mKa_odZAl1yJkAc-f04zYbFvFurkOO8LRP7uh_6VXPlSbrDldpKaotPcC9vEMYK7r-hWQUy1rjakFnnbwBQFJKIQ-KmW4CtiAAPCfq69yIWoJ_yUP_Ee4rneg7hDDt0c05rwe3dKPEwTWOrPfNOvy5ZFYAVYq3AnqWRY7pz6XNNv7kpw0TlwRPDRdzT_zD8B3K4iDQjnNFl_m81-yBvbic3mfZIAn6DzC-YFjLWkH1jE_1Bus9A-E-6W5om9APHFIMfskGIZFMp91jfviFwvqzxb5DyqL-hExsguZK_jQvRlrkoj2MWwmaljWh0aqIr7IAZRBRS9NWjHbux3SdFVIqRLRedBq1rahmbWnIq45PI3823L8wmKdv9LoidCY4-2uDt3CjnCLmFNEdZ9Gww6BLdGt4RjYmsnvKniCWfiBBH3w9DHC1-DrmgGPgTsAKjX5a4lFk61CF2zKUKvMQ8UY8JeA0S6l87u-Z8RMv0UhD0PA_UBb3EBJQnANqP1seTRsA4kPgdt16FQDe4CFFNLUHhTihOcRvpwgkLSxKGvUyb27vEQx5nHIaA7OEZznnYwOUpGQKu7dCcTnYpdK7daSEA_CZh4oviO_lyA1yabDssxisLXhH8auquQBivmDGvWvWxGsfzlbPjJ_R6i6ym4nP1HTaRGwsht7IC6BjUks40SUd24yhGo7scRqLfoM-7gBLH-RrVn7JlsTY5gpjcpazWNTa4UQoq6Eq7-hvf4TNNuwp22r9TIMJDw1DWXCFcYypcEDu1fOsVSfvrduIwdJUu5GwPbSOpLGY_6F6CjymhzXgTXRT5WsAOTNXAdAxDA9q_9192Mv9lgVvTUFGoHZ_zYeJK0pIATIYxLJAmaGd8b2w-B4ssaU4_fyYIBdbj28qpDCFhpb4jrij6CY_pe2mYboe_GMRlBvIHDicBcalm6FQdO1IkfbAqHXe8pA_shWA8VYmZ1iVAi_Yawat1brzNlqu81an1I5Xc8LOefvoLk7jHiU-f0OSMIMasv7S5imdzkLKG2r40_Gs7N80W_ocMG6CRt5aRI-k0GM-rMmGrM8us1JbzpfBHiBDyDZX5c7xOKQuwOpz9SHGGP5fsYyuhTCTsKJZeFE-4EWnGarjkjyG8JLFvvc7cuphY-TVo6gXT_lBUJw6M_cCYmJVsixIkpF5750-SDsp7uYepL5nDjy95NB6HNbcWj9H8su1MHuFr2Q9JbEgBm5FPRayH554sENqLjrx0bKkXhKvAWCv-FJw09tdGrGWb_N5zwEtsddO2ZZdzfENxoFYjmHzAxTOawuXq0GCJdrPDHAUrqkkg_4NGXGSGjQ_-j058iOQe6IihoiSfsArvGyhdmNNwp5DmLUWxu7ggF3tHtnuKTvqQnGvn1z8wNb6an7IEwXAKzCF7Tl36DK330f16AGHaSQjx0GVzegky3ZvXHSPZPqieB1WlN02yBhAyyKbzNUHfmuuPEOjbb9LIg1DGLSJDZxrcqg4YfZZX4pPdtkWq3IRubF2hh2qfD4l98wqdT4DO1dtnf8t4EOcxXOINnqEuQjjHL--SxOInlNOxj2QvA-QqYOR9Cqbkfd1AWXiMNMQC2QUtTqeDXorF6boz9Zvfq5mFG4exVMmh-CItc2TlYobB2V8QlQjcFBjwOvFDBTNrlmyYo1Kyjo4AmSeA3UCL_NLqM8KbP7vjx9kw3qTwRn9uPchELsvmvkxe37KKRXwviShiaVCu0ovxKJIMr0WrOoMuKg-ke0naorwr_IHKyINgn0GrR0r0dyQN-pQPNCnrfRkpTwR6k2WFYt8dr1TgR1Bg&cid=CAQSPADq26N9Kj5S_oEAJCPJbf83eS1bQrhNMhMVTEsxrlWiBim-Tj4-ru9VN-ZZgUqw2A9ENUlfC3yF-m2BwRgBIA4&rfl=1%2Chttps%253A%252F%252Fheavy.com%252F%240
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea7355e892444daa88bf1c7c84254618f652101046a1acbe284ece3ab0802e53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16898
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 139D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A8EgPGgokXsUCieLSqEn7uoRdaHqqCsEdsBD7DcsIweEnSAojtB_Nb4LgQggFVEHNM04RuczH5hVp_5gRs5bgUrBVc9LvNQTd4jE5DSdfFXaUL6ts
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 139D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/window_focus_fy2021.js
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:06:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21782
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:06:44 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/ Frame 139D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221018/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:06:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21782
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7569
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:06:44 GMT
l
www.google.com/ads/measurement/ Frame 139D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5oK8l3KLOAPmX2QmhlJvYmSaGGvfDH64_AIBxh5NOYPlm4cgBIkblreSmYkVZcE6Uls_bmKaESBdU_boWWef3uXVEFw
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 139D 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47415
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665574756386403"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Oct 2022 21:09:46 GMT
usync.js
eus.rubiconproject.com/ Frame 4C5E 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6a5ff401242699df6eb015132706b38e09e1a50bf0777914b452fa8d8da47352

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 19 Oct 2022 21:09:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27069
Connection
keep-alive
Content-Length
9455
Expires
Thu, 20 Oct 2022 04:40:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101301&jk=1498782160631704&bg=!urmluf3NAAYeOJy_Pjg7ACkAdvg8Wt0hoZcTXTxLLyR2vTcf5zftLBmspfHMVV2xBoTFWqmNZyifUwIAAABSUgAAAAJoAQcKABdm3INFs45UIIFfuLEtnFl1R90gKfr1yJkCnnFQrpuuzrGlnHsE3tJZyiITw5NEh0AxAV71dTsLozmnI9dQwqKIkO08ifDtHRyDVaC3ipuHhAYDF_iOCdtcFoMFGddZl9zuvijXGn5e9XPwCkzGc9uy7xRqwbU-yrJx1Q9cv09flITa2JxAkpsMLH88YN19N_oEyNwc6ktpfR7HBG4uORNoOaSLsNz4ORjGLqFSQxcy0uZqhr19expgUE86vRQbQe2TU-S5iCp-aM37enVRumeQl3_9lyQMo-WqjesrFMYckhNCYUVr2xiD02FFm3mnqFMK6c0SFbE-DKVkhqCSYSqM7ASi6EaK4sGLRZ98joP7MTn-GheK5tWqZ9FvHHvNBk99C1CgqyZFovqXl_q0149NtRa36e2JoZlqoN_Eq7UWCHBCrADOsHenDshVbqkeZMeoeUKcbX139WFOf07sliOY1KmYPwxLVH4p4gtPSygpFN9_S80eLixYEmVoguDFGpTHN1cQn5Pm1q1iS6E0XF6mwEHJ9xuuDKNzMg9d9duau1Ol-9IcamqadOMla6MLLFtR80XHQcLCyEK5vr6HSxw494YM0X4l-8K87RYLsLp3Yn2lkbgkz6O4s410gNyKCceFLQmgwpvXL84DKrawnH61MBdRW0UZ-94e83SLLJfQ71fib-e26UoOE_bWGNzsj3F-s5XAa4jeSTzpM9ZRZslS7sOAsLV7MnxC9NrX8olvzakimfJbeLPmJD1JeHpf4ArMSHgvg55KkSQzV65784d7xm30PnT0I6QplSqMmHQvO-0hQXI_NjOjBDCg0aay9x2oDMQsL08gljNMLbON5B4skFd2QyA0Cs1sOJDORgQVF705yQPh-Uunfz-MxDjTsvQPpDoY5I1EOZjMcdH5xa5b8k8iG-g0ObI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
match
events-ssc.33across.com/ Frame 4C5E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=1---&us_privacy=1---&khaos=L9G4O0W2-1F-G7NF
  • https://ssc-cms.33across.com/ps/?xi=1&xu=L9G4O0W2-1F-G7NF&us_privacy=1---
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L9G4O0W2-1F-G7NF&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L9G4O0W2-1F-G7NF&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=1---
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:46 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=L9G4O0W2-1F-G7NF&ts=1666213786&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
heavy-samesite-cookie-widget.js
heavy.com/wp-content/themes/heavy/plugins/heavy-samesite-cookie-widget/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/plugins/heavy-samesite-cookie-widget/js/heavy-samesite-cookie-widget.js
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5293b05c3ff1365790debd62d063842f883107d47dfbda18eb4a3a2d9bb52e6a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:46 GMT
x-rq
ewr4 0 2 9980
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 11:31:50 GMT
server
nginx
age
18941
etag
W/"633ac826-1190"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1419
expires
Thu, 19 Oct 2023 21:09:46 GMT
rum
dsum-sec.casalemedia.com/ Frame C718
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP_mRaoBz-xAnUx-vganWOg&google_cver=1
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP_mRaoBz-xAnUx-vganWOg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2aiAIQx_3gAhjUuuPKATAB&v=APEucNWhdjtDbTHvfbXOyexi0fW6Z0ik6Ga3awf_uKedROrIvYCnFC7Z467hTD61_q_loYS18EvXCxZwBFJGvrajUdZd7M5V3Q
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP_mRaoBz-xAnUx-vganWOg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C718
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1BnmdhmOIisWEAbAzRkEAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP_mRaoBz-xAnUx-vganWOg&google_cver=1
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP_mRaoBz-xAnUx-vganWOg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2aiAIQx_3gAhjUuuPKATAB&v=APEucNWhdjtDbTHvfbXOyexi0fW6Z0ik6Ga3awf_uKedROrIvYCnFC7Z467hTD61_q_loYS18EvXCxZwBFJGvrajUdZd7M5V3Q
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP_mRaoBz-xAnUx-vganWOg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C718
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI3rlx-ExOq9sa62czagc_I&google_cver=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEI3rlx-ExOq9sa62czagc_I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2aiAIQx_3gAhjUuuPKATAB&v=APEucNWhdjtDbTHvfbXOyexi0fW6Z0ik6Ga3awf_uKedROrIvYCnFC7Z467hTD61_q_loYS18EvXCxZwBFJGvrajUdZd7M5V3Q
Protocol
HTTP/1.1
Server
68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:46 GMT
AN-X-Request-Uuid
5c7e0d1f-2b21-4454-9bea-4fb993deee1f
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
96.9.249.37; 96.9.249.37; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEI3rlx-ExOq9sa62czagc_I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C718
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ1OTk3MTU5MTg1NDY1NjMxMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ1OTk3MTU5MTg1NDY1NjMxMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2aiAIQx_3gAhjUuuPKATAB&v=APEucNWhdjtDbTHvfbXOyexi0fW6Z0ik6Ga3awf_uKedROrIvYCnFC7Z467hTD61_q_loYS18EvXCxZwBFJGvrajUdZd7M5V3Q
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:46 GMT
AN-X-Request-Uuid
dddf9a33-5ff9-40ea-8122-9e40b125772e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ1OTk3MTU5MTg1NDY1NjMxMw%3D%3D
Connection
keep-alive
X-Proxy-Origin
96.9.249.37; 96.9.249.37; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221018/r20110914/ Frame 139D 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221018/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTN-MKXa20iMzf5QkuKJ9Jmj9zSEl3svbX05mUStU7ZjpeN4v_1DQjMk3wG5p4xJna3yrLJ9v360r0BGagciMeLqkXXxtJB7CjzTjaOeaVwqptuHPk-oESfz4M_lFVHGwPXQC5orGb8y20FOjYPLKr39mlbC0q20wHeo9wLqMH16edb0Y&cry=1&dbm_d=AKAmf-BnF6RfdGjEuz6BK2V2yZixpZgU-g_-XtgfKbpp56Rc8U6OFJYJGlWoIDe4tFil1LCHg9_3RvHW9ibHv878jgUM-KvOIS-cl7yDTkpUX0Zo_-4CV3RCyuUcVFdF1f-tnKsLG-pzS7eF_Ehlyp7birGYHHg0_nYm0NAwKe1sHQj4QYAS2tfXPUAPGKEmpGXAgczdDTCbFyOjdlQgy2ymIdHKSVGr47RVeLW7iiUYuOleHbncPHHgXIEOf08an6ML24g03l_aaLs8VwstrKQcneR63MJYUYVy2tq2i-RZi65Eg4RziOM_bXdKC-eFEELzUZuTSYmDXATNNxztbzrRZ4qkg67fvhVUA74KeP98rjHaCkzrtNC4URC-U_rwTGkAnbhNT2fSjUiu6t2UI8sqtN7fqlrKWJF-Vh8PQZOVsacbd0asahwQKAV3fRK9W8R5Gbj_kM0AvSY9TPRH6nel-W5-rSZ5u29-1RpIcOBdvp0DAW_Ux5m18hfW9zfMnVxq0uynvsvdo-uX3oKkP4PEwGryz6hKyM-WGdnLk1GLgRYCHvbTuP2_VWOG819rzmJ8nzE6KZSDgOVIXNuRDNq19QoXAudf11NGbzvSfJr6bpGO0slYvF-v45L6KPLlyOZ8WY88dwr3Xw19wI5kN9pwzBfu5whiKn7tkgrOeaEGG-FPqlz_0PKAeSrSAaJ2cnh2BrbnR15nNR6V1BewOdDugUTYgXzRD3d4_YmbG2KdyvsRQTO4UAZ1hwdbj6jY62REvljMimwH-hqRPpSlAZEEdwNnmV6HSlHO0jLC6jYjAgzclaJZCqgAa4UDxn-Ah3rkeo54-omsqmclqhJISCRFlgh88rFGEzmXgfxhxipNMYGVZDAlq62NXtBekWqeXXZFzN2MccrIankx6JH8Sta2w1En8QS0xyesdIP-EHPZyiqAb9VnV2KY36fn8v4Iv5aJ69oXbf3bfN0xqZsdUCVcqerWzJV3l_YZSYmfsMqwxrjhF060WQzR7TN2TLk74H9O4En7uYoJcTxMWC8ctKu5fZeXApUJAYSwZuhAv3BWYKZvhkLJGeVB2pUa6HjCoa5S3nNAXS0HhxXE-yvq_fsVVJ6Cb1gXD9Jc6lZvEn8kBBauf4UEiIE_TrZGos6JfaDrdginObZJCOKcHU0pjaF6-xOK5pGBpNMgYB84dJGywbBfQJxOyJ1fEQmV97ZaLrjkesbOELQrNKZzDZXZzP9Pp_1fatSZf6H8S5cZSOWePKjPdcg7nexYVI57HPQlUZlLl403ZgZFeUdT034eP_DNzYiBLpnsgi9vtCtuuSl5NoPrhgH7DDHKEk392qJOX2aXutbcxSvc3zetu-dForctdqoNYr3EtUqt-fYQwMs2TEVeB3Db1ad5kUFzsWyr8Tt5Ci9tOAs7wLKPzpXtFGh8b1IEepEtLHVtftn_mIRgjmfuybjH8HShZIAvcq58ZdmeSqq6Dc9njPoiVZvnXL8R8_xr7P74mKa_odZAl1yJkAc-f04zYbFvFurkOO8LRP7uh_6VXPlSbrDldpKaotPcC9vEMYK7r-hWQUy1rjakFnnbwBQFJKIQ-KmW4CtiAAPCfq69yIWoJ_yUP_Ee4rneg7hDDt0c05rwe3dKPEwTWOrPfNOvy5ZFYAVYq3AnqWRY7pz6XNNv7kpw0TlwRPDRdzT_zD8B3K4iDQjnNFl_m81-yBvbic3mfZIAn6DzC-YFjLWkH1jE_1Bus9A-E-6W5om9APHFIMfskGIZFMp91jfviFwvqzxb5DyqL-hExsguZK_jQvRlrkoj2MWwmaljWh0aqIr7IAZRBRS9NWjHbux3SdFVIqRLRedBq1rahmbWnIq45PI3823L8wmKdv9LoidCY4-2uDt3CjnCLmFNEdZ9Gww6BLdGt4RjYmsnvKniCWfiBBH3w9DHC1-DrmgGPgTsAKjX5a4lFk61CF2zKUKvMQ8UY8JeA0S6l87u-Z8RMv0UhD0PA_UBb3EBJQnANqP1seTRsA4kPgdt16FQDe4CFFNLUHhTihOcRvpwgkLSxKGvUyb27vEQx5nHIaA7OEZznnYwOUpGQKu7dCcTnYpdK7daSEA_CZh4oviO_lyA1yabDssxisLXhH8auquQBivmDGvWvWxGsfzlbPjJ_R6i6ym4nP1HTaRGwsht7IC6BjUks40SUd24yhGo7scRqLfoM-7gBLH-RrVn7JlsTY5gpjcpazWNTa4UQoq6Eq7-hvf4TNNuwp22r9TIMJDw1DWXCFcYypcEDu1fOsVSfvrduIwdJUu5GwPbSOpLGY_6F6CjymhzXgTXRT5WsAOTNXAdAxDA9q_9192Mv9lgVvTUFGoHZ_zYeJK0pIATIYxLJAmaGd8b2w-B4ssaU4_fyYIBdbj28qpDCFhpb4jrij6CY_pe2mYboe_GMRlBvIHDicBcalm6FQdO1IkfbAqHXe8pA_shWA8VYmZ1iVAi_Yawat1brzNlqu81an1I5Xc8LOefvoLk7jHiU-f0OSMIMasv7S5imdzkLKG2r40_Gs7N80W_ocMG6CRt5aRI-k0GM-rMmGrM8us1JbzpfBHiBDyDZX5c7xOKQuwOpz9SHGGP5fsYyuhTCTsKJZeFE-4EWnGarjkjyG8JLFvvc7cuphY-TVo6gXT_lBUJw6M_cCYmJVsixIkpF5750-SDsp7uYepL5nDjy95NB6HNbcWj9H8su1MHuFr2Q9JbEgBm5FPRayH554sENqLjrx0bKkXhKvAWCv-FJw09tdGrGWb_N5zwEtsddO2ZZdzfENxoFYjmHzAxTOawuXq0GCJdrPDHAUrqkkg_4NGXGSGjQ_-j058iOQe6IihoiSfsArvGyhdmNNwp5DmLUWxu7ggF3tHtnuKTvqQnGvn1z8wNb6an7IEwXAKzCF7Tl36DK330f16AGHaSQjx0GVzegky3ZvXHSPZPqieB1WlN02yBhAyyKbzNUHfmuuPEOjbb9LIg1DGLSJDZxrcqg4YfZZX4pPdtkWq3IRubF2hh2qfD4l98wqdT4DO1dtnf8t4EOcxXOINnqEuQjjHL--SxOInlNOxj2QvA-QqYOR9Cqbkfd1AWXiMNMQC2QUtTqeDXorF6boz9Zvfq5mFG4exVMmh-CItc2TlYobB2V8QlQjcFBjwOvFDBTNrlmyYo1Kyjo4AmSeA3UCL_NLqM8KbP7vjx9kw3qTwRn9uPchELsvmvkxe37KKRXwviShiaVCu0ovxKJIMr0WrOoMuKg-ke0naorwr_IHKyINgn0GrR0r0dyQN-pQPNCnrfRkpTwR6k2WFYt8dr1TgR1Bg&cid=CAQSPADq26N9Kj5S_oEAJCPJbf83eS1bQrhNMhMVTEsxrlWiBim-Tj4-ru9VN-ZZgUqw2A9ENUlfC3yF-m2BwRgBIA4&rfl=1%2Chttps%253A%252F%252Fheavy.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21828
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Nov 2022 15:05:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 139D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTN-MKXa20iMzf5QkuKJ9Jmj9zSEl3svbX05mUStU7ZjpeN4v_1DQjMk3wG5p4xJna3yrLJ9v360r0BGagciMeLqkXXxtJB7CjzTjaOeaVwqptuHPk-oESfz4M_lFVHGwPXQC5orGb8y20FOjYPLKr39mlbC0q20wHeo9wLqMH16edb0Y&cry=1&dbm_d=AKAmf-BnF6RfdGjEuz6BK2V2yZixpZgU-g_-XtgfKbpp56Rc8U6OFJYJGlWoIDe4tFil1LCHg9_3RvHW9ibHv878jgUM-KvOIS-cl7yDTkpUX0Zo_-4CV3RCyuUcVFdF1f-tnKsLG-pzS7eF_Ehlyp7birGYHHg0_nYm0NAwKe1sHQj4QYAS2tfXPUAPGKEmpGXAgczdDTCbFyOjdlQgy2ymIdHKSVGr47RVeLW7iiUYuOleHbncPHHgXIEOf08an6ML24g03l_aaLs8VwstrKQcneR63MJYUYVy2tq2i-RZi65Eg4RziOM_bXdKC-eFEELzUZuTSYmDXATNNxztbzrRZ4qkg67fvhVUA74KeP98rjHaCkzrtNC4URC-U_rwTGkAnbhNT2fSjUiu6t2UI8sqtN7fqlrKWJF-Vh8PQZOVsacbd0asahwQKAV3fRK9W8R5Gbj_kM0AvSY9TPRH6nel-W5-rSZ5u29-1RpIcOBdvp0DAW_Ux5m18hfW9zfMnVxq0uynvsvdo-uX3oKkP4PEwGryz6hKyM-WGdnLk1GLgRYCHvbTuP2_VWOG819rzmJ8nzE6KZSDgOVIXNuRDNq19QoXAudf11NGbzvSfJr6bpGO0slYvF-v45L6KPLlyOZ8WY88dwr3Xw19wI5kN9pwzBfu5whiKn7tkgrOeaEGG-FPqlz_0PKAeSrSAaJ2cnh2BrbnR15nNR6V1BewOdDugUTYgXzRD3d4_YmbG2KdyvsRQTO4UAZ1hwdbj6jY62REvljMimwH-hqRPpSlAZEEdwNnmV6HSlHO0jLC6jYjAgzclaJZCqgAa4UDxn-Ah3rkeo54-omsqmclqhJISCRFlgh88rFGEzmXgfxhxipNMYGVZDAlq62NXtBekWqeXXZFzN2MccrIankx6JH8Sta2w1En8QS0xyesdIP-EHPZyiqAb9VnV2KY36fn8v4Iv5aJ69oXbf3bfN0xqZsdUCVcqerWzJV3l_YZSYmfsMqwxrjhF060WQzR7TN2TLk74H9O4En7uYoJcTxMWC8ctKu5fZeXApUJAYSwZuhAv3BWYKZvhkLJGeVB2pUa6HjCoa5S3nNAXS0HhxXE-yvq_fsVVJ6Cb1gXD9Jc6lZvEn8kBBauf4UEiIE_TrZGos6JfaDrdginObZJCOKcHU0pjaF6-xOK5pGBpNMgYB84dJGywbBfQJxOyJ1fEQmV97ZaLrjkesbOELQrNKZzDZXZzP9Pp_1fatSZf6H8S5cZSOWePKjPdcg7nexYVI57HPQlUZlLl403ZgZFeUdT034eP_DNzYiBLpnsgi9vtCtuuSl5NoPrhgH7DDHKEk392qJOX2aXutbcxSvc3zetu-dForctdqoNYr3EtUqt-fYQwMs2TEVeB3Db1ad5kUFzsWyr8Tt5Ci9tOAs7wLKPzpXtFGh8b1IEepEtLHVtftn_mIRgjmfuybjH8HShZIAvcq58ZdmeSqq6Dc9njPoiVZvnXL8R8_xr7P74mKa_odZAl1yJkAc-f04zYbFvFurkOO8LRP7uh_6VXPlSbrDldpKaotPcC9vEMYK7r-hWQUy1rjakFnnbwBQFJKIQ-KmW4CtiAAPCfq69yIWoJ_yUP_Ee4rneg7hDDt0c05rwe3dKPEwTWOrPfNOvy5ZFYAVYq3AnqWRY7pz6XNNv7kpw0TlwRPDRdzT_zD8B3K4iDQjnNFl_m81-yBvbic3mfZIAn6DzC-YFjLWkH1jE_1Bus9A-E-6W5om9APHFIMfskGIZFMp91jfviFwvqzxb5DyqL-hExsguZK_jQvRlrkoj2MWwmaljWh0aqIr7IAZRBRS9NWjHbux3SdFVIqRLRedBq1rahmbWnIq45PI3823L8wmKdv9LoidCY4-2uDt3CjnCLmFNEdZ9Gww6BLdGt4RjYmsnvKniCWfiBBH3w9DHC1-DrmgGPgTsAKjX5a4lFk61CF2zKUKvMQ8UY8JeA0S6l87u-Z8RMv0UhD0PA_UBb3EBJQnANqP1seTRsA4kPgdt16FQDe4CFFNLUHhTihOcRvpwgkLSxKGvUyb27vEQx5nHIaA7OEZznnYwOUpGQKu7dCcTnYpdK7daSEA_CZh4oviO_lyA1yabDssxisLXhH8auquQBivmDGvWvWxGsfzlbPjJ_R6i6ym4nP1HTaRGwsht7IC6BjUks40SUd24yhGo7scRqLfoM-7gBLH-RrVn7JlsTY5gpjcpazWNTa4UQoq6Eq7-hvf4TNNuwp22r9TIMJDw1DWXCFcYypcEDu1fOsVSfvrduIwdJUu5GwPbSOpLGY_6F6CjymhzXgTXRT5WsAOTNXAdAxDA9q_9192Mv9lgVvTUFGoHZ_zYeJK0pIATIYxLJAmaGd8b2w-B4ssaU4_fyYIBdbj28qpDCFhpb4jrij6CY_pe2mYboe_GMRlBvIHDicBcalm6FQdO1IkfbAqHXe8pA_shWA8VYmZ1iVAi_Yawat1brzNlqu81an1I5Xc8LOefvoLk7jHiU-f0OSMIMasv7S5imdzkLKG2r40_Gs7N80W_ocMG6CRt5aRI-k0GM-rMmGrM8us1JbzpfBHiBDyDZX5c7xOKQuwOpz9SHGGP5fsYyuhTCTsKJZeFE-4EWnGarjkjyG8JLFvvc7cuphY-TVo6gXT_lBUJw6M_cCYmJVsixIkpF5750-SDsp7uYepL5nDjy95NB6HNbcWj9H8su1MHuFr2Q9JbEgBm5FPRayH554sENqLjrx0bKkXhKvAWCv-FJw09tdGrGWb_N5zwEtsddO2ZZdzfENxoFYjmHzAxTOawuXq0GCJdrPDHAUrqkkg_4NGXGSGjQ_-j058iOQe6IihoiSfsArvGyhdmNNwp5DmLUWxu7ggF3tHtnuKTvqQnGvn1z8wNb6an7IEwXAKzCF7Tl36DK330f16AGHaSQjx0GVzegky3ZvXHSPZPqieB1WlN02yBhAyyKbzNUHfmuuPEOjbb9LIg1DGLSJDZxrcqg4YfZZX4pPdtkWq3IRubF2hh2qfD4l98wqdT4DO1dtnf8t4EOcxXOINnqEuQjjHL--SxOInlNOxj2QvA-QqYOR9Cqbkfd1AWXiMNMQC2QUtTqeDXorF6boz9Zvfq5mFG4exVMmh-CItc2TlYobB2V8QlQjcFBjwOvFDBTNrlmyYo1Kyjo4AmSeA3UCL_NLqM8KbP7vjx9kw3qTwRn9uPchELsvmvkxe37KKRXwviShiaVCu0ovxKJIMr0WrOoMuKg-ke0naorwr_IHKyINgn0GrR0r0dyQN-pQPNCnrfRkpTwR6k2WFYt8dr1TgR1Bg&cid=CAQSPADq26N9Kj5S_oEAJCPJbf83eS1bQrhNMhMVTEsxrlWiBim-Tj4-ru9VN-ZZgUqw2A9ENUlfC3yF-m2BwRgBIA4&rfl=1%2Chttps%253A%252F%252Fheavy.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 15 Oct 2022 18:14:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356104
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Oct 2023 18:14:42 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0097 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
21362
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 15:13:44 GMT
etag
48472445140208031
expires
Thu, 20 Oct 2022 15:13:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 139D 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca803cd812004fa3b0e93ba24ad06457df8acb89512cb8c1eedb1ecf91c2ca49

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
/
fw.adsafeprotected.com/rjss/servedby.flashtalking.com/849383/63209238/imp/3/174244;6481523;201;jsappend;DV360;WConvACQBPSUSEN2PD050122103122728x90NADInMarMSFTJDRTBDV360DV360100BPSDataPremiumACQ2334... Frame 139D 		239 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/servedby.flashtalking.com/849383/63209238/imp/3/174244;6481523;201;jsappend;DV360;WConvACQBPSUSEN2PD050122103122728x90NADInMarMSFTJDRTBDV360DV360100BPSDataPremiumACQ2334269725/?bidURL=https://heavy.com/&ftOBA=1&ft_domain=heavy.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fheavy.com%2F&us_privacy=${US_PRIVACY}&ft_custom=AD1EzRQAAABoCmAKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMIlZTQsEKoAsf94AKwAsbC6uADQAHSAioYASITCOXIxIaa7foCFXy60QQdXzwN6ygBMAE4-vWu2awQQAJIAViZgSAQ1LrjygHJy66rRYcnBUJlbmo4r3RW&cachebuster=918716.8748460382
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.61.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-61-126.compute-1.amazonaws.com
Software
/
Resource Hash
f0033202270f5849d37ff7115e7a5a0f81cd3b151536a710f0930877136d149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CB0A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
9882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 18:25:04 GMT
expires
Thu, 19 Oct 2023 18:25:04 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 0097
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEGd_WRzcPiLEcbblsmZS1-I&google_cver=1&google_push=AZmPxg-xR-wxTk4R3KYHYq4EjbdsJ-hZCFBdHevA_H4FrqNiBH1eXG9...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=365a91c0ba880512&is_secure=true&networkId=14000&version=1&google_gid=CAESEGd_WRzcPiLEcbblsmZS1-I&google_cver=1&google_push=AZmPxg-xR-wx...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH2zcWGFPTewNJQiyvAAAAAAA&expiration=1666300186&google_cver=1&is_secure=true&google_gid=CAESEGd_WRzcPiLEcbblsmZS1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH2zcWGFPTewNJQiyvAAAAAAA&expiration=1666300186&google_cver=1&is_secure=true&google_gid=CAESEGd_WRzcPiLEcbblsmZS1-I&google_push=AZmPxg-xR-wxTk4R3KYHYq4EjbdsJ-hZCFBdHevA_H4FrqNiBH1eXG9JvHYsX_QbZGmasmVTDvjgt2BWddZEw0ophKk-nvB_7pU
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAH2zcWGFPTewNJQiyvAAAAAAA&expiration=1666300186&google_cver=1&is_secure=true&google_gid=CAESEGd_WRzcPiLEcbblsmZS1-I&google_push=AZmPxg-xR-wxTk4R3KYHYq4EjbdsJ-hZCFBdHevA_H4FrqNiBH1eXG9JvHYsX_QbZGmasmVTDvjgt2BWddZEw0ophKk-nvB_7pU
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 0097
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEF80W_SzsGYQai8sDtLRVPc&google_cver=1&google_push=AZmPxg-RgtadWz7EuMxbJYANPYVMmzNSUluV6KO1ArQUjkmIs3eMkVdaNgeqNepK3B1y74IbEK8pP_YdMjkX_3Z1ylxJCVcQrkeW
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2D25B5DE5A984F5495D4F999FC6708B9&google_push=AZmPxg-RgtadWz7EuMxbJYANPYVMmzNSUluV6KO1ArQUjkmIs3eMkVdaNgeqNepK3B1y74IbEK8pP_YdMjkX_3Z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2D25B5DE5A984F5495D4F999FC6708B9&google_push=AZmPxg-RgtadWz7EuMxbJYANPYVMmzNSUluV6KO1ArQUjkmIs3eMkVdaNgeqNepK3B1y74IbEK8pP_YdMjkX_3Z1ylxJCVcQrkeW
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 19 Oct 2022 21:09:46 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2D25B5DE5A984F5495D4F999FC6708B9&google_push=AZmPxg-RgtadWz7EuMxbJYANPYVMmzNSUluV6KO1ArQUjkmIs3eMkVdaNgeqNepK3B1y74IbEK8pP_YdMjkX_3Z1ylxJCVcQrkeW
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 18 Oct 2022 21:09:46 GMT
pixel
cm.g.doubleclick.net/ Frame 0097
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEKAEX9kMzSJXjCBLMgw2jEQ&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YmY5NmQzODAtYjRhMy00NzIxLWFhZDYtOWY2NzAyNzVhY2My&google_gid=CAESEKAEX9kMzSJXjCBLMgw2jEQ&google_cver=1&google_push=AZmPxg-O...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YmY5NmQzODAtYjRhMy00NzIxLWFhZDYtOWY2NzAyNzVhY2My&google_gid=CAESEKAEX9kMzSJXjCBLMgw2jEQ&google_cver=1&google_push=AZmPxg-Or06yZsV4VIGcADr1SWlOwnXtQC1wikps13Z_AE1Q4a36eNCKhkV9ZQtoL_U64ql8jbSjct_H394TVfQCBrPVqdYjwZU
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YmY5NmQzODAtYjRhMy00NzIxLWFhZDYtOWY2NzAyNzVhY2My&google_gid=CAESEKAEX9kMzSJXjCBLMgw2jEQ&google_cver=1&google_push=AZmPxg-Or06yZsV4VIGcADr1SWlOwnXtQC1wikps13Z_AE1Q4a36eNCKhkV9ZQtoL_U64ql8jbSjct_H394TVfQCBrPVqdYjwZU
date
Wed, 19 Oct 2022 21:09:47 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0097
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECvDKz-qm2UFYEJ735eUaK0&google_cver=1&google_push=AZmPxg93rYR-h1bob9r21FeoT0A09N-sv9EV2DKB-zhAE3EZwOBbRYCTW5PBXzSXVc5UsFFJOFZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHNE8wVzItMUYtRzdORg==&google_push=AZmPxg93rYR-h1bob9r21FeoT0A09N-sv9EV2DKB-zhAE3EZwOBbRYCTW5PBXzSXVc5UsFFJOFZCrr0S0qEZnrq79x8lTGA1Xno
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHNE8wVzItMUYtRzdORg==&google_push=AZmPxg93rYR-h1bob9r21FeoT0A09N-sv9EV2DKB-zhAE3EZwOBbRYCTW5PBXzSXVc5UsFFJOFZCrr0S0qEZnrq79x8lTGA1Xno
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlHNE8wVzItMUYtRzdORg==&google_push=AZmPxg93rYR-h1bob9r21FeoT0A09N-sv9EV2DKB-zhAE3EZwOBbRYCTW5PBXzSXVc5UsFFJOFZCrr0S0qEZnrq79x8lTGA1Xno
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
Expires
0
pixel
cm.g.doubleclick.net/ Frame 0097
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFJCK2wFQzWXDYHOtfjOgXM&google_cver=1&google_push=AZmPxg9awleunbOg5X2U93c3fwB5Br5OQ1qW69YmHANhNQLs4MMBGeI153GoIU3EwiQHGw5hoi4ORKtnVwVDhr2wY...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFJCK2wFQzWXDYHOtfjOgXM&google_cver=1&google_push=AZmPxg9awleunbOg5X2U93c3fwB5Br5OQ1qW69YmHANhNQLs4MMBGeI153GoIU3EwiQHGw5hoi4ORKtnVwVDhr2wY...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg9awleunbOg5X2U93c3fwB5Br5OQ1qW69YmHANhNQLs4MMBGeI153GoIU3EwiQHGw5hoi4ORKtnVwVDhr2wYaDtZA0XN6w&google_hm=Fgk1aGZHWRHO2AuZTuWwWMDu
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg9awleunbOg5X2U93c3fwB5Br5OQ1qW69YmHANhNQLs4MMBGeI153GoIU3EwiQHGw5hoi4ORKtnVwVDhr2wYaDtZA0XN6w&google_hm=Fgk1aGZHWRHO2AuZTuWwWMDu
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 19 Oct 2022 21:09:47 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg9awleunbOg5X2U93c3fwB5Br5OQ1qW69YmHANhNQLs4MMBGeI153GoIU3EwiQHGw5hoi4ORKtnVwVDhr2wYaDtZA0XN6w&google_hm=Fgk1aGZHWRHO2AuZTuWwWMDu
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 0097
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEH54mZWSlbGu24vdAE9-SC8&google_cver=1&google_push=AZmPxg-cwB4UIAQHlkz0UqIRepa2diNKRzkcnwyXjjVjIMEgV2062xj-PxFh9KonFWNAsBCERtOpG...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg-cwB4UIAQHlkz0UqIRepa2diNKRzkcnwyXjjVjIMEgV2062xj-PxFh9KonFWNAsBCERtOpGrwo8WFXN8Ffa7Ga1eKSBa5t&google_hm=WTFCbm04Q28...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg-cwB4UIAQHlkz0UqIRepa2diNKRzkcnwyXjjVjIMEgV2062xj-PxFh9KonFWNAsBCERtOpGrwo8WFXN8Ffa7Ga1eKSBa5t&google_hm=WTFCbm04Q284WW9BQUdHbXJwb0FBQUFB
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
4
Date
Wed, 19 Oct 2022 21:09:47 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEH54mZWSlbGu24vdAE9-SC8&google_cver=1&google_push=AZmPxg-cwB4UIAQHlkz0UqIRepa2diNKRzkcnwyXjjVjIMEgV2062xj-PxFh9KonFWNAsBCERtOpGrwo8WFXN8Ffa7Ga1eKSBa5t","cluster_id":4,"gdpr":false,"ipv4":"96.9.249.37","key":"Y1Bnm8Co8YoAAGGmrpoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad388"}
X-SO-Key
Y1Bnm8Co8YoAAGGmrpoAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad388
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AZmPxg-cwB4UIAQHlkz0UqIRepa2diNKRzkcnwyXjjVjIMEgV2062xj-PxFh9KonFWNAsBCERtOpGrwo8WFXN8Ffa7Ga1eKSBa5t&google_hm=WTFCbm04Q284WW9BQUdHbXJwb0FBQUFB
Cache-Control
private
X-SO-HostName
m-ad388.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng38.dc4p.scaleout.jp
X-SO-IP
96.9.249.37
pixel
cm.g.doubleclick.net/ Frame 0097
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEPerFddnrwLPIgLoBMb6J74&google_cver=1&google_push=AZmPxg9wHygQzeQWquMi6T4fn4mLXTvIXjKMSiKfezD_OPkzJ5w7LFrvg9FlDPBDxV07Pr9a5IY6xuISbnye_kk4IeMHS3Mbt2I3
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg9wHygQzeQWquMi6T4fn4mLXTvIXjKMSiKfezD_OPkz...
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMO6RwY0q-yhcBQJunpGoFJanOo8sueAbIzlmXeNA&google_push=AZmPxg9wHygQzeQWquMi6T4fn4mLXTvIXjKMSiKfezD_OPkzJ5w7LFrvg9FlDPBDxV07Pr9a5IY6xuISbnye_kk4IeMH...
  • https://cm.g.doubleclick.net/pixel?google_hm=B0cxX9iTOZqbwzfQgK1x&google_push=AZmPxg9wHygQzeQWquMi6T4fn4mLXTvIXjKMSiKfezD_OPkzJ5w7LFrvg9FlDPBDxV07Pr9a5IY6xuISbnye_kk4IeMHS3Mbt2I3&google_nid=inmobi_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=B0cxX9iTOZqbwzfQgK1x&google_push=AZmPxg9wHygQzeQWquMi6T4fn4mLXTvIXjKMSiKfezD_OPkzJ5w7LFrvg9FlDPBDxV07Pr9a5IY6xuISbnye_kk4IeMHS3Mbt2I3&google_nid=inmobi_new_eb
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 19 Oct 2022 21:09:47 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=B0cxX9iTOZqbwzfQgK1x&google_push=AZmPxg9wHygQzeQWquMi6T4fn4mLXTvIXjKMSiKfezD_OPkzJ5w7LFrvg9FlDPBDxV07Pr9a5IY6xuISbnye_kk4IeMHS3Mbt2I3&google_nid=inmobi_new_eb
x-download-options
noopen
vary
Accept
content-length
225
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 0097 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KXW-VT23XAO0UO--FSa0bRED2aTieSrHehfdSn1D5tl3EIVC--8BWRSVFdzeHc8EqoavmDdw
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
pagead2.googlesyndication.com/bg/ Frame CB0A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 18:56:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15945
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Oct 2023 18:56:22 GMT
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D%26gdpr_consent%3D%26us_pr...
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=11d286929d880512&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcon...
  • https://prebid-server.rubiconproject.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=AAAHvbpHwVhjMgNEsdkXAAAAAAA&expiration=1666300187&is_secure=true
86 B
995 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=AAAHvbpHwVhjMgNEsdkXAAAAAAA&expiration=1666300187&is_secure=true
Protocol
H2
Server
54.210.32.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-32-188.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://prebid-server.rubiconproject.com/setuid?bidder=conversant&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=AAAHvbpHwVhjMgNEsdkXAAAAAAA&expiration=1666300187&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
passback_728x90.js
static.adsafeprotected.com/ Frame 139D
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/servedby.flashtalking.com/849383/63209238/imp/3/174244;6481523;201;jsappend;DV360;WConvACQBPSUSEN2PD050122103122728x90NADInMarMSFTJDRTBDV360DV360100BPSDataPremium...
  • https://static.adsafeprotected.com/passback_728x90.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_728x90.js
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:2510:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28

Request headers

accept-language
en-US,en;q=0.9
Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
BMDmVeG18LcgsgmLJH9yXJDgb3k6n4r4
content-encoding
gzip
via
1.1 48fa2d8b9525abe889eff7ccc8591f7e.cloudfront.net (CloudFront)
date
Tue, 18 Oct 2022 03:40:04 GMT
x-amz-cf-pop
JFK50-P5
age
407340
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:52 GMT
server
AmazonS3
etag
W/"696b4c19d35efd706805137a8a4b3831"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
Vv5RjTLfB3wmPZO2iKTPeokeoDuDCXCzN2cCNZyoNG_XZ-nvgWIq4w==

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
server
nginx
x-server-name
app02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/passback_728x90.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame D33E 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 19:25:35 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 48fa2d8b9525abe889eff7ccc8591f7e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
2511853
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
yzOFZXqJ_kwL08h_FrhNU0uvon4VD7vOLjcIb3FnSEQP4xaUfLSUrg==
dt
dt.adsafeprotected.com/ Frame 139D 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=849383&asId=f1191fb3-63e4-99e7-cd60-4611dd1b8c32&tv=%7Bc:rwGCxl,pingTime:-2,time:62,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:528,beZ:529,mfA:531,cmA:532,inA:532,inZ:537,prA:537,prZ:546,si:549,poA:551,poZ:572,cmZ:572,mfZ:572,loA:579,loZ:581,ltA:588,ltZ:588%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:0,h:0,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:62,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:21,wc:0.0.1600.1200,bkn:%7Bpiv:%5B55~1%5D,as:%5B55~na.na%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tkKjfit+11%7C12%7C13%7C14111%7C14112%7C14113%7C14114%7C14115%7C14116%7C14117%7C14118%7C14119%7C1411a%7C1412%7C1413%7C1414%7C1415%7C1416%7C1417%7C1418%7C1419%7C141a%7C15%7C16%7C17%7C181%7C19*.849383-63209238%7C191%7C192%7C1931,idMap:19*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:23,sinceFw:38,readyFired:true%7D&br=c
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:43d8:4a1:2a71:94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame CB0A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHKYpmmdQY-f-K7WJoPMPiP-u-AgAAAAAOAHgBAI&bg=!f3ylfDjNAAYeOJy_Pjg7ACkAdvg8Wqle7kh4NIMpht7NMTVNPKSzUVmufIjJs7xG75YhL4mbZSAAZgIAAACqUgAAAAJoAQeZAuvOiVorY0KAQSDONzfxcrSN8dsU6y4KqLQxKDxR37--EzXRdqGZZ24XpdD3cQqN_d-8g-wXfnYh46rFthAuHuP3Z7SEcYNLtEZ-aJg4KB1uaWKFPGPstWl7I7H6swUMcmaDp02nFdNX2Ge5oNPpMLINGdlfCH1Y7jwpl1WqdJz8XBTGOicTSx8JWiwgEhyehiJ4QSQJzJ_k5bktzEHbEbDHtXalgu6U7y5a61adBw7tqco7D6RTF3E3eF2H63kIzs1I-mACufA-qaIXl8CQJv08aoKqTwB3U0abZoGYcZuvFKykzOC5hcjozk1KaHtjVU3Wx3lIGKWO7wL_Nr4Zlm6Judg6tjSTvgPg3NZay-XtRlrxWcB9loas0XifSbHoe3gAfVT_Dg6c-27m1b4VrxxtrYqB0dx-Ci98y-CVrqZOZg_zwbt-F8Cb_fR16MKF-3QvzRbmMVnZdUsrzKrvsCq7VtiVoNuElGsdkkq3EW2x4Q3-nKMO3XC1oOwbwtsSkZ_ghfJD5WkCBV-8TmnisN7FhCWofoa2whycTNWwp3MUyzIhy0G2sO0A25V4wWArBrj1k5TFGBjUhEpEkkBHlJMasJ3_huG8aBQYqMcnWJgdFi_wNKvFTx8iCOHcNCa0avIaiFwhXvkXuEnXr8UOG_sArehp1-M_IKD3hGeZqEaMuVi4p_5Hb7o46mskMeRIUPlEXeMgkUkt1q0fAM3gAFG5am97OCL6W_-rSXHRNxN3_AWUov17mXppsxytt_9ancySF0VM_LZ8SK_cwYf5Ao167TAKOHDVvtLbJOzCPzD66Mvx9pm-XQYut2Ti3tDhUs2tTDVgdK71qw3LJaox5JcUbNrAYKqr379YXFZIrKXy5UL1CPp6uvNFIbyuJLi3CrWZpOzkAHTMxspCIyHZFG9sk7AhAFjxo1x7n3Q-SS7oqbBHvddixXIBNUyCX1EIvCDpnSTlye_oOGlkidO75qWm3qeNbUCXZ9C4umY
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prbds2s
rtb.gumgum.com/usync/ Frame 1D74 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/vendor/prebid/es2018/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.180.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-180-95.compute-1.amazonaws.com
Software
nginx /
Resource Hash
045478036a127b7eb4cc12866edf621de8ab4579059ebc3b3e3f5e5e46756ded

Request headers

Referer
https://heavy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 19 Oct 2022 21:09:47 GMT
etag
W/"01711cd483d4a4564a7a96fbaded3b52b"
server
nginx
timing-allow-origin
*
IAS_PassbackAds_728x90.png
static.adsafeprotected.com/ Frame 139D 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_728x90.png
Requested by
Host: abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
URL: https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
4DcA1UddzZ2E21bAiUECQTp8M854Vxlu
date
Mon, 17 Oct 2022 10:36:00 GMT
via
1.1 48fa2d8b9525abe889eff7ccc8591f7e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
539639
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
10216
last-modified
Fri, 18 Feb 2022 23:29:13 GMT
server
AmazonS3
etag
"b1464a7201f691a1e4cf6fc057919d7f"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
UfVtIl07WzaMxzBc5w-GuXWpxIPrKKIUFsyW4DeC5dcL9UssAjHOmg==
usersync
usersync.gumgum.com/ Frame 1D74
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1459971591854656313
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1459971591854656313
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:47 GMT
AN-X-Request-Uuid
e6d3e8ff-9b0a-4a9f-9b01-736c52627593
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=1459971591854656313
Connection
keep-alive
X-Proxy-Origin
96.9.249.37; 96.9.249.37; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 1D74
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_caf1e975-8dec-4d9a-9b95-87f34246c4dd&gdpr=&gdpr_consent=&us_privacy=1---
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%2...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=gumgum2&user_id=kN1oDJaNOqPZnMONWC070
  • https://usersync.gumgum.com/usersync?b=bsw&i=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
Date
Wed, 19 Oct 2022 21:09:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 1D74
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_caf1e975-8dec-4d9a-9b95-87f34246c4dd&obuid=ENC(-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_...
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=1459971591854656313&obUid=-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_pri...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=1459971591854656313&obUid=-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.191 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 19 Oct 2022 21:09:47 GMT
Cache-Control
no-cache
X-TraceId
b9cb2cb9644d2ec6dd0865305c55ea27
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:47 GMT
AN-X-Request-Uuid
16a0d53a-0dec-4801-af48-e350ff140afc
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=1459971591854656313&obUid=-7zNxjAF-iVlQC1GUaHfHlj9il9yxxoQHMEfVq3FNA45WCyyJdX8NkKjzyh47Zql&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
Connection
keep-alive
X-Proxy-Origin
96.9.249.37; 96.9.249.37; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 1D74
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-uQhU6NZE2pctje0GoGKLL.vimjTnJATJLFSb~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-uQhU6NZE2pctje0GoGKLL.vimjTnJATJLFSb~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 19 Oct 2022 21:09:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-uQhU6NZE2pctje0GoGKLL.vimjTnJATJLFSb~A
content-length
0
usersync
usersync.gumgum.com/ Frame 1D74
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusers...
  • https://usersync.gumgum.com/usersync?b=vnt&i=00cbb128-5090-4476-ac80-689ec2a6de42
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=00cbb128-5090-4476-ac80-689ec2a6de42
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=00cbb128-5090-4476-ac80-689ec2a6de42
Date
Wed, 19 Oct 2022 21:09:47 GMT
Connection
keep-alive
X-CI-RTID
191af0c1-8549-4cc5-a034-6d4ebe732fba
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 1D74
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=BAE55024BA764B8FA32FC61D7F5DADB1
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=BAE55024BA764B8FA32FC61D7F5DADB1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Wed, 19 Oct 2022 21:09:47 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
125616063
location
https://usersync.gumgum.com/usersync?b=snc&i=BAE55024BA764B8FA32FC61D7F5DADB1
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 1D74
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_1f970b81999a443689c4d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_1f970b81999a443689c4d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_1f970b81999a443689c4d
date
Wed, 19 Oct 2022 21:09:46 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 1D74
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_caf1e975-8dec-4d9a-9b95-87f34246c4dd&gdpr=&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=QU-QUaoE3OumbmkcRxSQ&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVIVKLKRKVQW6RJTJ52W2YTNNNRVE6CTKETHK427OBZGS...
  • https://usersync.gumgum.com/usersync?b=zem&i=QU-QUaoE3OumbmkcRxSQ&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=QU-QUaoE3OumbmkcRxSQ&us_privacy=1---
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:47 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=QU-QUaoE3OumbmkcRxSQ&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
112
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 1D74
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=2139460615108408755
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=2139460615108408755
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=2139460615108408755
date
Wed, 19 Oct 2022 21:09:46 GMT
content-length
0
setuid
prebid-server.rubiconproject.com/ Frame 1D74 		0
965 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=gumgum&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=b&uid=u_caf1e975-8dec-4d9a-9b95-87f34246c4dd
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.32.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-32-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
usersync
usersync.gumgum.com/ Frame 31A0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=17336350-6799-4700-a300-f79b24069d01&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=17336350-6799-4700-a300-f79b24069d01&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:47 GMT
Expires
Wed, 19 Oct 2022 21:09:46 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4447 e18e916 master iad-pixel-x1 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=17336350-6799-4700-a300-f79b24069d01&gdpr=&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 6EDD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=Y1BnmQAAATVtmwAO&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y1BnmQAAATVtmwAO&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 19 Oct 2022 21:09:47 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y1BnmQAAATVtmwAO&gdpr=&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-ewr18121-EWR
x-timer
S1666213787.287080,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 05B4 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV9jYWYxZTk3NS04ZGVjLTRkOWEtOWI5NS04N2YzNDI0NmM0ZGQ=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Wed, 19 Oct 2022 21:09:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7F85 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=153843
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 19 Oct 2022 21:09:47 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 21 Oct 2022 15:53:50 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame C42C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=ea221eaf-db5b-4d4d-a055-5e9c544a934a
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=ea221eaf-db5b-4d4d-a055-5e9c544a934a
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Wed, 19 Oct 2022 21:09:47 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=ea221eaf-db5b-4d4d-a055-5e9c544a934a
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 4CED
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=emx&i=1459971591854656313brt56781666213785614770af
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&i=1459971591854656313brt56781666213785614770af
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Wed, 19 Oct 2022 21:09:46 GMT
location
https://usersync.gumgum.com/usersync?b=emx&i=1459971591854656313brt56781666213785614770af
usersync
usersync.gumgum.com/ Frame CB29
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y1Bnm8Co8X0AAN.44i0AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y1Bnm8Co8X0AAN.44i0AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Wed, 19 Oct 2022 21:09:47 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y1Bnm8Co8X0AAN.44i0AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
33
X-SO-HostName
a-ad40144.dc2p.scaleout.jp
X-SO-IP
96.9.249.37
X-SO-Key
Y1Bnm8Co8X0AAN.44i0AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":33,"gdpr":false,"ipv4":"96.9.249.37","key":"Y1Bnm8Co8X0AAN.44i0AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40144"}
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40144
usersync
usersync.gumgum.com/ Frame 2E9F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y1BnmdhmOIisWEAbAzRkEAAA%26043
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y1BnmdhmOIisWEAbAzRkEAAA%26043
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75cc7f2a9b228cc5-EWR
content-length
0
date
Wed, 19 Oct 2022 21:09:47 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y1BnmdhmOIisWEAbAzRkEAAA%26043
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAdm7GcFkg%2Flg5kYrfVrQC9EMo4x6XJmdqJPgA1ehASYggJ6B7p3ohBxQ%2FVI9IxNccrdHTuvWW1a09%2BPVO1o7BCi3vLQcVlOq88SDkA5j1fvBaQo1LRkU%2F%2B7opo7JSJEjU1H0akaJe8CYg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame A349
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=RIOIcuz9a1eWW20AaWR0&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=RIOIcuz9a1eWW20AaWR0&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.45.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-45-55.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Wed, 19 Oct 2022 21:09:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 19 Oct 2022 21:09:47 GMT Wed, 19 Oct 2022 21:09:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=RIOIcuz9a1eWW20AaWR0&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 71B3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Oct 2022 21:09:47 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 19 Oct 2022 21:09:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 71B3 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.105.42.146 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-105-42-146.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6a5ff401242699df6eb015132706b38e09e1a50bf0777914b452fa8d8da47352

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 19 Oct 2022 21:09:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27068
Connection
keep-alive
Content-Length
9455
Expires
Thu, 20 Oct 2022 04:40:55 GMT
ats.js
ats.rlcdn.com/ 		109 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
br
via
1.1 0a4f6965adeb6ede9b7ffa17215c0b16.cloudfront.net (CloudFront)
date
Wed, 19 Oct 2022 07:50:43 GMT
x-amz-cf-pop
JFK50-P8
age
47945
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
PhQG_071fO61jP3TpsrAV9OZ5dBY_wy-rVtlgv1C6uPO_pWd6o3XlQ==
idsv2
mid.rkdms.com/ 		2 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mid.rkdms.com/idsv2?ptk=17c1789b-e660-493b-aa74-3c8fb990dc5f&pubid=CAFEMEDIA
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.112.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-112-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
https://heavy.com
date
Wed, 19 Oct 2022 21:09:47 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
application/json
pandg-sdk.js
pghub.io/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/ac9686f/es2018/js/adthrive.min.js?deployment=2022-10-19-5:adm-388:pr2787:ac9686f&experiments=rubiconFloors,recencyFrequency
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 20:21:31 GMT
content-encoding
gzip
age
2896
x-guploader-uploadid
ADPycdt3YLjrXAHpnZn0kdMSRoEyCMaEXIZezL8JI-ddweR_0ESMxXQQDt50F4J8A6kAub8ncQlapW396wz0jaOcZCy6bA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
9
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3690
last-modified
Tue, 05 Apr 2022 17:08:24 GMT
server
UploadServer
etag
"1f39af8c4109e6a95d6895228aab0692"
vary
Accept-Encoding
x-goog-generation
1649178504809914
x-goog-hash
crc32c=eS3F7w==, md5=HzmvjEEJ5qldaJUiiqsGkg==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-meta-last-modified
2022-07-11T15:04:42.732Z
x-goog-stored-content-length
3690
x-goog-meta-cache-control
public, max-age=230400
accept-ranges
bytes
content-type
application/javascript
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://insight.adsrvr.org/track/evnt/?adv=z127r4i&ct=0:p21aj7j&fmt=3
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=ea221eaf-db5b-4d4d-a055-5e9c544a934a
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=1459971591854656313&ttd_tdid=ea221eaf-db5b-4d4d-a055-5e9c544a934a
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZWEyMjFlYWYtZGI1Yi00ZDRkLWEwNTUtNWU5YzU0NGE5MzRh&gdpr=0&gdpr_consent=&ttd_tdid=ea221eaf-db5b-4d4d-a055-5e9c5...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=ea221eaf-db5b-4d4d-a055-5e9c544a934a&google_gid=CAESEF61f4nSlnXaazsfzHQuCA8&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&expiration=1668805787&gdpr=0&gdpr_consent=
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&expiration=1668805787&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Oct 2022 21:09:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&expiration=1668805787&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
tag
pandg.tapad.com/ Frame 18A9 		370 B
921 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Fheavy.com%2F&owner=P%26G&bp_id=cafemedia&initiator=js
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
/
Resource Hash
22048bb469aa613693008aabaa7d4ee72ee1b3b360b3e56358735b571a6960e9
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org https://sync.mathtag.com
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://heavy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-security-policy
default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org https://sync.mathtag.com
content-type
text/html;charset=utf-8
date
Wed, 19 Oct 2022 21:09:47 GMT
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security
max-age=31536000
via
1.1 google
/
geo.privacymanager.io/ 		30 B
597 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-12.ewr53.r.cloudfront.net
Software
/
Resource Hash
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 11:04:06 GMT
via
1.1 7c4bbd97f5be908e33f403c3794f629a.cloudfront.net (CloudFront), 1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C1, EWR53-P1
age
36341
x-amzn-requestid
181f5ebb-3dd3-4e88-a873-59c27f816298
x-amzn-trace-id
Root=1-634fd9a6-7186d988542791b05275c837;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
aP7x_GZmDoEFqLg=
content-length
30
x-amz-cf-id
6SjawkDQs1HIexx-Bu4JEnv4_Xy_8hawyDKUSKds-7BjlGHoL_NgDw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
dt
dt.adsafeprotected.com/ Frame 139D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=849383&asId=f1191fb3-63e4-99e7-cd60-4611dd1b8c32&tv=%7Bc:rwGCE7,pingTime:-10,time:482,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1666213787550%7C%7C668ac9368bcdde4e9bbf6251328d013d%7C%7C11b89db74b56b4ba918674d36e95a672%7C%7C18dd575d7b31a5497e15ba8d91c89304%7C%7C0563e7337cdf3615b45fec66d956240f%7C%7C25211444718492d592e3d2dd514488de%7C%7C7def7899379d6a4364439be589f8ca8a%7C%7C5a4ce520d301d2df290efdc92f4ee9ca%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:43d8:4a1:2a71:94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
receive
pixel.tapad.com/idsync/ex/ Frame 18A9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=1a24cd5f-6bb2-451c-ada6-91de6fb45f49&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&ttd_puid=1a24cd5f-6bb2-451c-ada6-91de6fb45f49
95 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&ttd_puid=1a24cd5f-6bb2-451c-ada6-91de6fb45f49
Requested by
Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Fheavy.com%2F&owner=P%26G&bp_id=cafemedia&initiator=js
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pandg.tapad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/png
date
Wed, 19 Oct 2022 21:09:47 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ea221eaf-db5b-4d4d-a055-5e9c544a934a&ttd_puid=1a24cd5f-6bb2-451c-ada6-91de6fb45f49
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
347
receive
pixel.tapad.com/idsync/ex/ Frame 18A9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=10072&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3D2040%26partner_device_id%3D%5BMM_UUID%5D&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2040&partner_device_id=17336350-6799-4700-a300-f79b24069d01&gdpr=&gdpr_consent=
95 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2040&partner_device_id=17336350-6799-4700-a300-f79b24069d01&gdpr=&gdpr_consent=
Requested by
Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Fheavy.com%2F&owner=P%26G&bp_id=cafemedia&initiator=js
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pandg.tapad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/png
date
Wed, 19 Oct 2022 21:09:47 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

Date
Wed, 19 Oct 2022 21:09:47 GMT
Server
MT3 4539 98cc2da master iad-pixel-x29 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=2040&partner_device_id=17336350-6799-4700-a300-f79b24069d01&gdpr=&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 19 Oct 2022 21:09:46 GMT
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D...
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&account=&f=i&uid=ga42885b583c005b4ae9&gdpr=&gdpr_consent=&us_privacy=1---
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&account=&f=i&uid=ga42885b583c005b4ae9&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
54.210.32.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-32-188.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&account=&f=i&uid=ga42885b583c005b4ae9&gdpr=&gdpr_consent=&us_privacy=1---
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26account%3D%26f%3Di%26uid%3D%24%7BBSW_UUI...
  • https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
Protocol
H2
Server
54.210.32.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-32-188.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0

Redirect headers

Location
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&account=&f=i&uid=452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
Date
Wed, 19 Oct 2022 21:09:47 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
instantpage.min.js
heavy.com/wp-content/themes/heavy/assets/dist/vendor/instant.page/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://heavy.com/wp-content/themes/heavy/assets/dist/vendor/instant.page/instantpage.min.js?ver=1664796709
Requested by
Host: heavy.com
URL: https://heavy.com/wp-content/themes/heavy/assets/dist/js/main.js?ver=1664796709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2c3b10ff1b3afc7623b381a0023f567da64b7451df56374b47be0a99fbd78a0e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:47 GMT
x-rq
ewr4 0 2 9980
content-encoding
gzip
last-modified
Mon, 03 Oct 2022 11:31:49 GMT
server
nginx
age
18857
etag
W/"633ac825-b1a"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1169
expires
Thu, 19 Oct 2023 21:09:47 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 139D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv5u4O6CeUnUXQAalVNZeMN98vxJLxT2WehBtECKNbVjb_ZN08wZON9vkJIn2wXXPNVcTHo1J-3YKcWBLmugxgD-swLDW3QEfGQADQRvpWSuIcF1Z1HfBbyN_q1WszUR4r4-cg&sai=AMfl-YQhp0gsjdYUEHfc3OwUSo2VBQSgsuqi928Q-Z7ZAp63DF78GfO5OCRcfn4NTxO7zU6C1IFLj3YHT1k2clNWE_sXe-2nTJpCuSOoSXFZYgZA3CDOMkF_vJkYSjEJU1Q&sig=Cg0ArKJSzOPYkUq6C4dDEAE&cid=CAQSPADq26N9Kj5S_oEAJCPJbf83eS1bQrhNMhMVTEsxrlWiBim-Tj4-ru9VN-ZZgUqw2A9ENUlfC3yF-m2BwRgBIA4&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2549405575&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666213786542&rpt=294&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Oct 2022 21:09:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: heavy.com
URL: https://heavy.com/wp-content/themes/heavy/assets/dist/js/main.js?ver=1664796709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:48 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1634
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
75cc7f309f6dd153-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 22 Oct 2022 21:09:48 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-90.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 04:44:27 GMT
content-encoding
gzip
via
1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
age
59121
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
DJIGZIY8xDCxQ1rbDVgBQjNICwlRD97UOhhQ5CWn5cuaXVnkw9sT6w==
marfeel-sdk.js
sdk.mrf.io/statics/ 		86 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1604
Requested by
Host: heavy.com
URL: https://heavy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
afc98bb5cfa8ef9b51eef419917aea48f8151570252883c61d6162f86be9791f

Request headers

Referer
https://heavy.com/
Origin
https://heavy.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:48 GMT
content-encoding
br
x-b3-traceid
2b9329ab5e7246aabcd8954fb2ce82ef
x-amz-cf-pop
EWR53-C2
x-cache
Hit from cloudfront, HIT
mrf-cache-status
H
x-b3-traceid-primal
c880b951340d4572abc246b7c465d26a
content-length
23780
x-served-by
cache-ewr18160-EWR
last-modified
Wed, 19 Oct 2022 06:48:08 GMT
server
AmazonS3
x-timer
S1666213788.326106,VS0,VE0
etag
W/"94c1026a6260803e037dcc98f79c198e"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
GKSbvx1SMyBM1n7HnTDU6H22mdCk11_LCscGbaQgth4sp3XrBzfmPw==
x-cache-hits
54
b
sb.scorecardresearch.com/ 		0
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=20567959&cs_it=b3&cv=3.8.0.210223&ns__t=1666213788253&ns_c=UTF-8&c7=https%3A%2F%2Fheavy.com%2F&c8=Heavy.com%20%7C%20Sports%2C%20Entertainment%2C%20Breaking%20News%20%26%20Shopping&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-90.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:48 GMT
via
1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
yAv-U92Y9jp4AS0pq603jw2QNhp-C4w4qeZttOLWwLabds9DpEjGUw==
x-cache
Miss from cloudfront
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:48 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3591
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
75cc7f30faa0d15b-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 22 Oct 2022 21:09:48 GMT
ingest.php
events.newsroom.bi/ 		50 B
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1604
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.92.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
haproxy01.cl03.k8s.mrf.io
Software
istio-envoy /
Resource Hash
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63

Request headers

Referer
https://heavy.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryUYtfi9LQb6NdEND4

Response headers

date
Wed, 19 Oct 2022 21:09:48 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://heavy.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
66
active
flowcards.mrf.io/json/ 		16 B
375 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flowcards.mrf.io/json/active?site_id=1604&page_technology=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:48 GMT
content-encoding
gzip
x-b3-traceid
1eb3537d40dc457ba670a7ddd5cd5f23
x-cache
HIT
mrf-cache-status
H
x-envoy-upstream-service-time
0
x-b3-traceid-primal
dd7a577209fe44bc89217f5ed5a35145
content-length
42
x-served-by
cache-ewr18174-EWR
server
istio-envoy
x-timer
S1666213788.444054,VS0,VE0
vary
origin
x-req-backend
F_origin_1_croupier
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
6
web
onesignal.com/api/v1/sync/4bc170ec-3de0-4467-8371-4b328b6c448f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/4bc170ec-3de0-4467-8371-4b328b6c448f/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d350c16f6c62a7b263fe693c88906aff08a9ae4ccbe461790e02afa257587e12
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heavy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:09:48 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
1634
cf-polished
origSize=3366
status
200 OK
x-envoy-upstream-service-time
30
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
be24ddda-5b88-4928-b2f0-641da1822fba
x-runtime
0.028900
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"7bc83b8a817f5c0ee3a6cf60588b017c"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
75cc7f319fc6d153-BUF
access-control-allow-headers
SDK-Version
expires
Wed, 19 Oct 2022 22:09:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
collector.brandmetrics.com
URL
https://collector.brandmetrics.com/c.js?siteid=f9816ecc-b51b-4747-bc3e-1ea86a0677a2&toploc=heavy.com&rnd=5777159

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| heavyJS string| heavyGAID string| GoogleAnalyticsObject function| ga function| hvyWidgetsTargeting object| adthrive number| heavySameSiteTrackingDelay undefined| scriptQueueData function| tcbToast object| _comscore function| OneSignal number| oneSignalDelay object| heavyOnesignalOptions string| heavyOnesignalApp object| tcb_post_lists object| _stq function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| adthriveCLS function| _classCallCheck function| _defineProperties function| _createClass function| IOlazy function| st_go function| linktracker_init object| wpcom object| pbjs object| apstag object| googletag object| _pbjsGlobals object| webVitals boolean| apstagLOADED object| ggeac object| google_js_reporting_queue function| __uspapi object| confiant undefined| google_measure_js_timing object| COMSCORE function| udm_ object| ns_p function| setImmediate function| clearImmediate object| ID5 object| brandmetrics function| __assign object| _brandmetrics function| __spreadArrays object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| google_image_requests object| trackingMap function| heavySameSiteTracking function| Tapad object| ats function| p function| h function| v object| marfeel object| webpackChunk_marfeel_marfeel_sdk object| tp object| __mrfCompass number| __oneSignalSdkLoadCount function| __jp0

123 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQzeDSkL8wCgoIgQIQzeDSkL8wCgoI4gEQzeDSkL8wCgoI5gEQzeDSkL8wCgoIhwIQzeDSkL8wCgkICRDN4NKQvzAKCQg6EM3g0pC_MAoJCAsQzeDSkL8wCgoIjAIQzeDSkL8wCgkIXxDN4NKQvzA=
.heavy.com/ Name: _ga
Value: GA1.2.75630370.1666213783
.heavy.com/ Name: _gid
Value: GA1.2.1255926373.1666213783
.heavy.com/ Name: _gat
Value: 1
.heavy.com/ Name: _fbp
Value: fb.1.1666213783526.537427514
heavy.com/ Name: usprivacy
Value: 1---
heavy.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
heavy.com/ Name: _lr_retry_request
Value: true
heavy.com/ Name: _lr_env_src_ats
Value: false
.adsrvr.org/ Name: TDID
Value: ea221eaf-db5b-4d4d-a055-5e9c544a934a
.scorecardresearch.com/ Name: UID
Value: 19Ea1bfc972fb2492d190811666213784
.teads.tv/ Name: tt_viewer
Value: 35c1848d-0c03-48fe-a947-ea9617dc10c6
.kargo.com/ Name: ktcid
Value: d075f2b3-8138-0219-1adf-b90306c442fd
.openx.net/ Name: i
Value: b5c41022-0df9-4f40-9ebf-af7ed6388eb9|1666213784
.yahoo.com/ Name: A3
Value: d=AQABBJhnUGMCEKr8aRn4cE5e7UPmohC4jVAFEgEBAQG5UWNaYwAAAAAA_eMAAA&S=AQAAAk76KpjQZxN0HN3sHrVAZD0
.amazon-adsystem.com/ Name: ad-id
Value: A7sIls1ptUzLjpRs_G7Drg0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.rubiconproject.com/ Name: khaos
Value: L9G4O0W2-1F-G7NF
.adnxs.com/ Name: uuid2
Value: 1459971591854656313
.openx.net/ Name: pd
Value: v2|1666213785|vMgakWgyiK
.onetag-sys.com/ Name: OTP
Value: FN8LQA-Ix_2R4_l2K_Umy8pZpecUIUb22Bm0vlQBUuI
.gumgum.com/ Name: vst
Value: u_caf1e975-8dec-4d9a-9b95-87f34246c4dd
.3lift.com/ Name: tluid
Value: 1800898157156868043624
.sharethrough.com/ Name: stx_user_id
Value: 3f974b2f-e251-4612-96e5-be2c7e872259
.casalemedia.com/ Name: CMID
Value: Y1BnmdhmOIisWEAbAzRkEAAA
.casalemedia.com/ Name: CMPS
Value: 043
.casalemedia.com/ Name: CMPRO
Value: 043
.yieldmo.com/ Name: yieldmo_id
Value: ga42885b583c005b4ae9%7C1666213785425%7C0%7C
.bidswitch.net/ Name: tuuid
Value: 452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
.bidswitch.net/ Name: c
Value: 1666213785
.bidswitch.net/ Name: tuuid_lu
Value: 1666213785
.openx.net/ Name: univ_id
Value: 537072971|ea221eaf-db5b-4d4d-a055-5e9c544a934a|1666213785474975
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y1BnmQAAATVtmwAO
.deepintent.com/ Name: CDIUSER
Value: di_1f970b81999a443689c4d
.technoratimedia.com/ Name: tads_uid
Value: BAE55024BA764B8FA32FC61D7F5DADB1
.technoratimedia.com/ Name: tads_uid_cd
Value: 20221019210945+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.outbrain.com/ Name: obuid
Value: e5c3c973-ac33-4f86-8f70-c19c2401ad61
.ipredictive.com/ Name: cu
Value: 00cbb128-5090-4476-ac80-689ec2a6de42|1666213785559
.zemanta.com/ Name: zuid
Value: QU-QUaoE3OumbmkcRxSQ
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d32b6063-2ce6-4894-7061-58faa596c68c.zprjt80G%2B3lLgjEhBTk9Y7ZS7BEUxLKLJPyDYidup8g
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0ytgYyzmSJRwYVj6pZbGjGAJ-SU.soLfPiqgfv0j%2F198CQKMznuQpkO035CjetWcPSXScBw
.mathtag.com/ Name: uuid
Value: 17336350-6799-4700-a300-f79b24069d01
.emxdgt.com/ Name: uid
Value: 56781666213785614770af
.doubleclick.net/ Name: IDE
Value: AHWqTUn933ZRKFi2vPd7mFsEbDM6yzxS4ec-v24xA7UQnKQGu92BS3ShpXkEBnGd0Ko
.heavy.com/ Name: cto_bundle
Value: X-8zl192M2RlamM0REZ2VFM1S09lNnNweFAzTGd5MjVOZ3IzRWQ4MGdlU1VNRnJLM05vRHhoMCUyRmRsenN5dVZwMVZKdm5wa3VXOVNqVVIxWTNpZmcxUUJ1MG1YJTJGeHZ2bDJJZHM3Q1pWVEZwYk5xbTYzTGQ2d1R5YjZBcVdWalZ5c3pmSk4
.heavy.com/ Name: cto_bidid
Value: 132pOV9uS3lGNURMaXRaMGppMkJaRHMzNE9PN0NEeTRhejhYdkN6ZUE0Ym9pQ1FiUE9xTVVrdzJzNFBociUyRkZPc0olMkZlJTJCRnBOSWR2TSUyQkpCJTJGdlVqJTJGRENTcGwlMkZ3JTNEJTNE
.360yield.com/ Name: tuuid
Value: bca6f3d6-3227-4fd1-ac52-27c252705d22
.360yield.com/ Name: tuuid_lu
Value: 1666213785
.mfadsrvr.com/ Name: tuuid
Value: 1143ebb9-27ee-49a7-bf6c-ab6a434450bd
.mfadsrvr.com/ Name: c
Value: 1666213785
.mfadsrvr.com/ Name: tuuid_lu
Value: 1666213785
.ads.yieldmo.com/ Name: ptran
Value: 1459971591854656313
.ads.yieldmo.com/ Name: ptrt
Value: ea221eaf-db5b-4d4d-a055-5e9c544a934a
.w55c.net/ Name: wfivefivec
Value: aJ0rdWhn1OLgjT5
.emxdgt.com/ Name: apn_id
Value: 1459971591854656313
.simpli.fi/ Name: suid
Value: 2D25B5DE5A984F5495D4F999FC6708B9
.w55c.net/ Name: matchcasale
Value: 5
.mfadsrvr.com/ Name: ssh
Value: !yieldmo,1666213785
.creativecdn.com/ Name: u
Value: RIOIcuz9a1eWW20AaWR0
.creativecdn.com/ Name: ts
Value: 1666213785
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-42fe4f10-96f3-4e8e-8927-d871d62890c3-005%22%7D
.bing.com/ Name: MUID
Value: 35E80EA0311E6A27068A1CE230796BDA
.c.bing.com/ Name: MR
Value: 0
.ads.yieldmo.com/ Name: ptrmf
Value: 1143ebb9-27ee-49a7-bf6c-ab6a434450bd
.contextweb.com/ Name: V
Value: UQLtaa4RhPRA
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1gr4|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 2404353d0d69184d
.linkedin.com/ Name: li_sugr
Value: e66c6cdd-5744-4a0b-a054-4f2f77bf6bbc
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&18b79061-6ec7-442c-8fa3-b56183c95a5b"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2891:u=1:x=1:i=1666213785:t=1666300185:v=2:sig=AQHIzYJnDpvRFRISsLjRKJv2rwji7QtX"
.creative-serving.com/ Name: tuuid
Value: ea73ac56-671f-48a7-b0ee-846b9b6fd698
.creative-serving.com/ Name: c
Value: 1666213785
.creative-serving.com/ Name: tuuid_lu
Value: 1666213785
.demdex.net/ Name: demdex
Value: 17247637807251635702168122871206636466
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-42fe4f10-96f3-4e8e-8927-d871d62890c3-005%22%7D
.smartadserver.com/ Name: pid
Value: 2139460615108408755
.sitescout.com/ Name: ssi
Value: b3ce8c41-96a3-4d8a-9a24-33e480d4cbe8#1666213785965
.nrich.ai/ Name: _nauid
Value: 5ce5ed47-a050-4072-ba03-5e50c6e0d3c6
.dpm.demdex.net/ Name: dpm
Value: 17247637807251635702168122871206636466
.sitescout.com/ Name: _ssuma
Value: eyI4MSI6MTY2NjIxMzc4NTk5NH0
.ads.yieldmo.com/ Name: ptrbsw
Value: 452bf0aa-9c5c-4b6f-aaae-d53eee5e9edc
.adsymptotic.com/ Name: U
Value: 4ddd78d92026f6ba069aa6b066cd0f65
.33across.com/ Name: 33x_ps
Value: u%3D117941801089978%3As1%3D1666213786367%3Ats%3D1666213786367
.tynt.com/ Name: uid
Value: +5nZiGNQZ5rakG9XG/JuCg==
.heavy.com/ Name: __gads
Value: ID=b6e8e7cd3128afa1:T=1666213785:S=ALNI_Mb18rmI-YRdNfoQMp08vwK5HVuAiw
.heavy.com/ Name: __gpi
Value: UID=00000888a7cd87b4:T=1666213785:RT=1666213785:S=ALNI_MbPotDu5PV20lZUXSm4jznaGCNbLg
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1666213786507%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1666213786507%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1666213786507%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1666213786507%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1666213786507%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1666213786507%7D%5D
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~27t9:190u~27t9"
.rubiconproject.com/ Name: audit
Value: 1|tcR/wBEzWcKvekx4svrMvFYvo2XO8wv+z0QnGM0pmGQX1xaEiSaGZ2sbL53DdHL/KoCvYIw8mZbAUJ+gL7gixXe9NhU4xvOgPNQ3vZcaU8BKIdXIYfRTQw==
.pswec.com/ Name: tuuid
Value: 4fac9b1d-0694-4b39-9fc9-ee84ada974d9
.pswec.com/ Name: c
Value: 1666213786
.pswec.com/ Name: tuuid_lu
Value: 1666213786
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GTwCPv5A!@wnfH8K6pQK`!5=E<*L5?%M1a4#:Ek@wO4i)B]^gYG#S3l1TV?ij5TO@x5Y*bpRz*qF1`*b^98)ujs$
.lijit.com/ Name: ljt_reader
Value: Fgk1aGZHWRHO2AuZTuWwWMDu
.inmobi.com/ Name: idsp_c
Value: bf96d380-b4a3-4721-aad6-9f670275acc2
.dotomi.com/ Name: DotomiTest
Value: 11d286929d880512
.id5-sync.com/ Name: id5
Value: 2efb7f2e-ac44-4d92-8ec0-91f7e3f52ba8#1666213785006#3
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22142%22%3A%2220221019%22%7D
.server.cpmstar.com/ Name: USER_ID
Value: %90%ddh%0c%96%8d%3a%a3%d9%9c%c3%8dX-%3b
.mid.rkdms.com/ Name: sessionid
Value: h-384518a6ec9003e428f920388cbcbe3f_t-1666213787
.socdm.com/ Name: SOC
Value: Y1Bnm8Co8X0AAN.44i0AAAAA
.tapad.com/ Name: TapAd_TS
Value: 1666213787575
.tapad.com/ Name: TapAd_DID
Value: 1a24cd5f-6bb2-451c-ada6-91de6fb45f49
heavy.com/ Name: _lr_geo_location
Value: US
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsI8OKvgYmImTsQBRIWCgdydWJpY29uEgsIhM3Ag4mImTsQBRIXCghhcHBuZXh1cxILCOqk7JOJiJk7EAUSFQoGZ29vZ2xlEgsI1O7xlImImTsQBRIVCgZjYXNhbGUSCwjU7vGUiYiZOxAFGAUgAigBMgsI4qf5v5-ImTsQBUIbIhkIARIVChFDb29raWUgQWxsaWFuY2UgMRABWgd6MTI3cjRpYAFyBmNhc2FsZQ..
.casalemedia.com/ Name: CMTS
Value: 3410
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsidW5ydWx5Ijp7InVpZCI6IlJYLTQyZmU0ZjEwLTk2ZjMtNGU4ZS04OTI3LWQ4NzFkNjI4OTBjMy0wMDUiLCJleHBpcmVzIjoiMjAyMi0xMS0wMlQyMTowOTo0Ni4yNjI4MTgwMVoifSwiZ3JpZCI6eyJ1aWQiOiI0NTJiZjBhYS05YzVjLTRiNmYtYWFhZS1kNTNlZWU1ZTllZGMiLCJleHBpcmVzIjoiMjAyMi0xMS0wMlQyMTowOTo0Ny43NzUxNDQ3OFoifSwiMzNhY3Jvc3MiOnsidWlkIjoiMTE3OTQxODAxMDg5OTc4IiwiZXhwaXJlcyI6IjIwMjItMTEtMDJUMjE6MDk6NDYuNjU1NzM0NTUxWiJ9LCJndW1ndW0iOnsidWlkIjoidV9jYWYxZTk3NS04ZGVjLTRkOWEtOWI5NS04N2YzNDI0NmM0ZGQiLCJleHBpcmVzIjoiMjAyMi0xMS0wMlQyMTowOTo0Ny4yODU0MTI2MzVaIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiMTgwMDg5ODE1NzE1Njg2ODA0MzYyNCIsImV4cGlyZXMiOiIyMDIyLTExLTAyVDIxOjA5OjQ1Ljc0MjU5NjkxNloifSwicnViaWNvbiI6eyJ1aWQiOiJMOUc0TzBXMi0xRi1HN05GIiwiZXhwaXJlcyI6IjIwMjItMTEtMDJUMjE6MDk6NDUuNTk1Mjk0NDRaIn0sImNvbnZlcnNhbnQiOnsidWlkIjoiQUFBSHZicEh3VmhqTWdORXNka1hBQUFBQUFBIiwiZXhwaXJlcyI6IjIwMjItMTEtMDJUMjE6MDk6NDcuMTkxNTM0OTEzWiJ9LCJ5aWVsZG1vIjp7InVpZCI6ImdhNDI4ODViNTgzYzAwNWI0YWU5IiwiZXhwaXJlcyI6IjIwMjItMTEtMDJUMjE6MDk6NDcuNjk0Mjc0OTgyWiJ9fSwiYmRheSI6IjIwMjItMTAtMTlUMjE6MDk6NDUuNTk0MTkxNjU2WiJ9
.heavy.com/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1666213788%2C%22currentVisitStarted%22%3A1666213788%2C%22sessionId%22%3A%220749d9b7-d95e-4803-81ed-9b884debf232%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//heavy.com/%22%2C%22referrer%22%3A%22%22%7D
.heavy.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1666213788%2C%22userId%22%3A%229cc4f59f-8576-4458-8215-29b808d8034b%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1666213788%2C%22timesVisited%22%3A1%7D
.heavy.com/ Name: compass_uid
Value: 9cc4f59f-8576-4458-8215-29b808d8034b
events.newsroom.bi/ Name: 1604_u
Value: 9cc4f59f-8576-4458-8215-29b808d8034b
events.newsroom.bi/ Name: 1604_s
Value: 0749d9b7-d95e-4803-81ed-9b884debf232
events.newsroom.bi/ Name: 1604_lv
Value: null

1 Console Messages

Source Level URL
Text
network error URL: https://collector.brandmetrics.com/c.js?siteid=f9816ecc-b51b-4747-bc3e-1ea86a0677a2&toploc=heavy.com&rnd=5777159
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
a.teads.tv
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
abaea7b32794d5758ef9507ab71cf73c.safeframe.googlesyndication.com
ad.360yield.com
ads.adthrive.com
ads.creative-serving.com
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
ap.lijit.com
api.rlcdn.com
ats.rlcdn.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
cafemedia-d.openx.net
casale-match.dotomi.com
cdn.brandmetrics.com
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jwplayer.com
cdn.onesignal.com
cm.g.doubleclick.net
collector.brandmetrics.com
colossusssp.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
creativecdn.com
cs.emxdgt.com
dclk-match.dotomi.com
de.tynt.com
direct.adsrvr.org
dpm.demdex.net
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
events-ssc.33across.com
events.newsroom.bi
fastlane.rubiconproject.com
flowcards.mrf.io
fw.adsafeprotected.com
geo.privacymanager.io
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hde.tynt.com
heavy.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
insight.adsrvr.org
krk.kargo.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
logger.adthrive.com
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
mid.rkdms.com
mug.criteo.com
mweb.ck.inmobi.com
onesignal.com
onetag-sys.com
p.adsymptotic.com
pagead2.googlesyndication.com
pandg.tapad.com
pghub.io
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
px.ads.linkedin.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
sb.scorecardresearch.com
sdk.mrf.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
server.cpmstar.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
stats.g.doubleclick.net
stats.wp.com
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.pswec.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
x.bidswitch.net
collector.brandmetrics.com
104.105.42.146
104.18.18.126
104.18.19.126
104.18.98.194
104.36.115.111
104.45.178.220
107.178.246.49
108.138.124.226
108.138.128.58
124.146.215.43
129.159.70.95
13.35.93.23
13.35.93.28
141.95.98.65
141.95.98.71
142.251.32.98
143.204.150.76
151.101.129.194
151.101.130.207
151.101.194.207
151.101.194.49
169.197.150.8
173.223.57.84
18.164.96.90
18.214.180.95
18.214.193.123
185.184.8.90
188.40.92.96
192.0.66.32
192.0.76.3
192.40.39.223
198.148.27.139
198.24.170.51
199.127.204.171
199.187.193.197
199.250.166.129
20.127.253.7
2001:41d0:701:1000::96f
207.198.113.88
23.195.101.76
23.64.60.212
23.92.190.68
2600:1f13:800:7781:43d8:4a1:2a71:94
2600:1f18:4e9:5a01:9805:2364:1f96:8667
2600:9000:2209:4e00:1:a3fa:7cc0:93a1
2600:9000:2510:3200:8:48e:53c0:93a1
2602:803:c002:200::41
2606:4700:10::6816:3556
2606:4700:20::ac43:45f7
2606:4700::6810:7caf
2606:4700::6812:116b
2606:4700::6812:e234
2606:ae80:1471:17::1050
2607:f8b0:4004:c1b::9b
2607:f8b0:4006:807::2002
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81f::2002
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2004
2607:f8b0:4006:823::2002
2620:100:a001::18
2620:1ec:21::14
2620:1ec:c11::200
2a02:2638:1::13
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:c00::282
3.212.154.204
3.225.64.41
3.226.61.126
3.230.217.116
34.102.243.38
34.117.239.71
34.120.155.137
34.133.71.175
34.196.85.232
34.215.0.93
34.237.68.65
34.98.64.218
35.207.24.140
35.211.178.172
35.241.45.217
35.244.159.8
50.16.70.211
51.222.39.184
51.68.39.188
52.200.148.159
52.203.204.136
52.207.45.55
52.223.22.214
52.223.40.198
52.4.33.45
52.45.33.138
52.46.130.91
52.85.61.12
52.94.220.185
54.144.112.47
54.156.200.49
54.156.230.254
54.198.133.215
54.198.189.0
54.208.230.249
54.210.32.188
67.202.105.22
67.202.105.32
68.67.160.132
68.67.160.26
69.173.151.100
70.42.32.191
70.42.32.255
74.119.119.139
74.121.140.14
80.77.87.218
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03672536e8893631903f7988e667cde3eabf4c7df9ce6c1db00f586192586a7a
045478036a127b7eb4cc12866edf621de8ab4579059ebc3b3e3f5e5e46756ded
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
091bb0de0a818620d0fa529df0edee88a5ac2244b5396edbac0a527035cf4af7
0a87f2cb907d8c732ef47486fe1722f608b067a4b0d67831c877f3071a6d6f7f
0ae061140fed7f469604fa7ba47042fc348baec086b8e22fbadcb92d82305d33
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d4c688c9b22447f92479b28e33e4db5e17f84bc4d34147e704dacb98f6a5947
1060ed99e26a253331d797ce0353b9aa7ffc012b7cf80da7bacf43749c06114e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
170ca1b9200f7226ee7386710f846087ce5b6011db9d85097bd7aa3295cfcfae
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
197e2aea0a1c22c6a7f6418257737a48d04df1bb5870c3464d0d28d070711550
1a1fb6db1c9f1590294cb8190cfa160f888dc1bbf486d0b1c34640606d190b0c
1af2148d7bd5e2a0c9ddc1c5b9ff072996852f4f11ebc19695ba4ee08ddb9c4a
1b7d8cdb9e7c9a81827f9c3ea7a87822c88482e10c1aacd3217d20fa0f4afdb2
1e7447dac59095827d6d837d8eb98b830878a872d22cbf590111cc4f2d32d5f5
2118a97d515d94445093d07725c38222fb6a823a5f0ffdeb37568a7d65647977
2146416c1ea5e784140a54cf8f6f00e6ab60c9d59b3efb6d51b36313243b6f06
22048bb469aa613693008aabaa7d4ee72ee1b3b360b3e56358735b571a6960e9
251ddf39aca075825dd226e7e3c323e2dbc43fe7de945a57ff33851389a052a9
254ca9d462cba21afda208e08e58490858355a974100886ecf035f036a69eed9
29fbf053f6f09e650a54d4e9fd038062d6f2d2367eca4196202e8fe8bc345f63
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c3b10ff1b3afc7623b381a0023f567da64b7451df56374b47be0a99fbd78a0e
319ebf743ce2c07c6bfafd9600a93824aa52b0844fe94e81c014e169564dc7e3
3254ca993472637dac775943b9c1b5d80e9ccd8fb53dbd7917f9330cd9eabee9
32ec385fa84cc6ca98181f5b9fdf7bf726c3399414c6885cc48da80da1691257
3ea827ece592695c114241962ca8a1b473dff1249daa1091d2a17cf0b74a6499
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4628a738d45d13db7966d5927603aed60d673bebbef468283149b3034989514b
468718a583ec98edb242b85a424558fd63ceac3a8c1ff6a76bbf473b857481c4
479e7ff4daf8ced21a9a69044f78bf8d11359b3932d32f4aaabbc5fd7cb5d7a5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5045c41147a4d02e26beb4535147fdb27145a9166fbbdaf3a39e50020f0ffcea
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
510d71bfae8484c59b9b3bd6064b3edd0348bb79b3b448bc1093bc7a73265b6a
5293b05c3ff1365790debd62d063842f883107d47dfbda18eb4a3a2d9bb52e6a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a015fe4307f431cd520ad747b354e16fae9ed233929562ee269d9945fb65ca
54eec0fb7f4cf3b9debe15f92879f1ec46d6226d33777b2e803ddcf9c8b7486f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5800a5549a26f82055f6c044400b96307a1d081f6127ddbefd57446a43f9988b
5c21c152d99aac3c5c496bbf955c21143f6f2d03684b4cbd68813cf93ae7ada1
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
619c40ca3297c3bed75866bd61b577fbeceac800ff86556f05760e83309235d3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68b4e928d35befc2c54b63d898331d6af0a864e70dada9fcb79bd23d88d54e31
6a5ff401242699df6eb015132706b38e09e1a50bf0777914b452fa8d8da47352
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f0507591c49aa88fab2433451c6c3154c5d4450636b43b749afa1ae2521fe2f
705b01b585308c46090f947bbaf36dbd27ed0800b4da4e7863b4a45f7dbc380a
7333edde984060621b99cc524b9bfc8fe8600f55312edc14037b5b3218231533
74a480ae6dcd5484c3763a4102912a1bdd18264d12c147682d0cfdcb6f6118de
770c11afd43a6700eec48b41040be9229f5653e51095a8fe3366301cadd6b087
78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf
7ef646adbcf11434b3f392a6de8556f9eb287e5b026a1f99411866b4a0c4068e
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b169cb62cbe298dfbbf836cd03e928f34a30053f01c036a2c8cbf119ed7bb2a
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57
9000729b9cef1f0e62982b419d5bb57affb8be19701f7d2fa85be49f1d98691f
9338811f5878eaeb6e9bf7dbb327c984b5b859050cb177aeb06a4ded7b447b0b
9417661914e9d33525836ceac4c9eb9f81948c5a16d4d55c0e86f0b8d84ce982
983fc3a563c000d9b42e112815d5559cbbb45c4c45f1ef03edfa2daf8f32049c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a14b700bc2581383cfae352c91f00fc65439392344a2f823a9645e8546a3bde
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9fa580b17b1b5d515855eb42e63a72162de659faec5478e2604e6e326d154d67
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a579343e48deefeeb438bcb7f6aeb6d37e68102a8299ca47b683991f0af26b28
a63506fb420990f57b718352691d603bd8c4574bd1182dd2f274fe276b83493d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa01171bec4fe6a08a5c6d8ced9e0093ddb763b5aeaf8cf202acd7892211ddbd
aa250311ac3f44ddb5b321ac15af4aae4cdcb368a2dd8993c7273447f76438b4
ac8f7d38342af4d3e7f30e15b43032bc93dc1a18e8d4a0b2f9c4b84aa28f4f2a
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad17821181398ca3b1c0456f9c52690e37d09e2b187809fc9b2e35516de64ee2
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afc98bb5cfa8ef9b51eef419917aea48f8151570252883c61d6162f86be9791f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d24638581b5833b799ae0f4eac192daf1f2530fb04670f7f2ea467b2ee3a3c
b3026cdc731c2f4f317e651a53d5175b0bcb2fd8a1575ac8fd94ba917aab1e1c
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5433eeebbe87298dd41c3eca9803ce5bfab705966253c106a2ac9ed36a58f20
b5b1e5f3454453b4697ff1c67b3051926563753be0e557b566e0e604e94af595
b6ace4c736647a27bfb8218cc3a7e0899ea4c1302790a9a3dbe743edd50d6e7e
b925b10658e33e914afb403288724c44a82441e1bba11b3112c9e4e560dfe378
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce478f69d1366e94a46d9407ee97da73a27111f3127030d41ce124c800e4c0d
bcf58d343292ea3fac8a48eab8e22c02c6ffb7edf1e341b5428874084acd701c
bf46ed887799ed2214804f4732e18a728cf4eb8dd1c64884dae61df97abf73d3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c8d3a20b185fec0c542f8699df01907baccbccad560b40035eca88ad623a17b8
ca803cd812004fa3b0e93ba24ad06457df8acb89512cb8c1eedb1ecf91c2ca49
cb260fbfa3add6553864bf1c8dd753a45d7a1504b159c8aa6cbec89f9223a89d
cd32ac808b323ce6c8560cba52ebba764864c69205de549821a41e1c21cbe51d
ce574b78b60a047df07cb9fc0b2a1326bd5d831cb8a05fd658a43016ee70a4b8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc7722a72d56fdae4cccb6ced0f04e9d884f5ef459d270dd5b89b942364e84b
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d2471b1253309224104a4822e03018e84f06e960c30f28462ca550e44dfcba66
d350c16f6c62a7b263fe693c88906aff08a9ae4ccbe461790e02afa257587e12
d5eacfbef6e883869dcd7bed5e4891901909e463e88fca88ce67e9c90018666f
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
db28b35578071bfd6be7583beded20e2e9c4c56a394c1c9237d3bcc4e70f500c
de82caf93cf293710b43fee96f99cc6bb2a66f8c93d3ae3a530e0ba00faf026a
e23aa41677b6c7479e9f2a46fb0e8a85c5ece6c088bb9fa8938fe970fc8493ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56db6b7fa490d3078cea54cfe40f884dfd64b7125a4eb9cd65fb8bb2a20721f
ea7355e892444daa88bf1c7c84254618f652101046a1acbe284ece3ab0802e53
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec6187aebd6309f176533129e9609ed8b0fa932529530dc164fafa5c3548b8ab
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2bf0f1fc66bdda6c9edd60769b86328eb8f0a9f2261476045c69daf9f07106
f0033202270f5849d37ff7115e7a5a0f81cd3b151536a710f0930877136d149e
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3bef51fe56f26bd5e2c23de215cc8b5bfe8bdbe752ac0dff1263f3bf38b5c8f
f5decc210dbe7320771b5ddf86e95be8c6d74d09ac53ab756d4bebcca49c5d3f
fa7abe88a18c99f411aa68d77605dd5d9939eba47e80733b0044f933077b8304
fb980cfc2fbdd0d93f9f77103d10c1c8e5c42079705bcb57be108cfe1574bbae
fd2fbd0ee422c2021edd3cc85d3cd9b3e5c06e0c57091c400f405e09889bd21a