Submitted URL: http://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Effective URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Submission: On March 23 via manual from US — Scanned from DE

Summary

This website contacted 103 IPs in 13 countries across 84 domains to perform 444 HTTP transactions. The main IP is 192.229.233.172, located in Granada Hills, United States and belongs to EDGECAST, US. The main domain is screencrush.com. The Cisco Umbrella rank of the primary domain is 361138.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 8th 2023. Valid for: 8 months.
This is the only time screencrush.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 25 192.229.233.172 15133 (EDGECAST)
22 192.229.233.181 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:212... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 104.18.11.47 13335 (CLOUDFLAR...)
3 192.229.233.218 15133 (EDGECAST)
8 2a00:1450:400... 15169 (GOOGLE)
1 1 2a03:2880:f21... 32934 (FACEBOOK)
1 2a03:2880:f21... 32934 (FACEBOOK)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
3 108.138.1.25 16509 (AMAZON-02)
4 2606:2800:234... 15133 (EDGECAST)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 151.101.1.44 54113 (FASTLY)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
15 3.33.220.150 16509 (AMAZON-02)
1 34.120.133.55 396982 (GOOGLE-CL...)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 34.95.69.49 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 13.32.121.37 16509 (AMAZON-02)
1 104.107.242.211 16625 (AKAMAI-AS)
2 3.225.32.203 14618 (AMAZON-AES)
1 104.18.24.185 13335 (CLOUDFLAR...)
4 65.9.99.209 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
2 104.244.42.8 13414 (TWITTER)
3 65.9.95.6 16509 (AMAZON-02)
5 88.221.169.49 16625 (AKAMAI-AS)
4 104.18.25.185 13335 (CLOUDFLAR...)
4 65.9.95.106 16509 (AMAZON-02)
4 3.120.195.75 16509 (AMAZON-02)
24 159.89.246.130 14061 (DIGITALOC...)
9 13 185.89.210.180 29990 (ASN-APPNEX)
4 185.64.189.112 62713 (AS-PUBMATIC)
4 34.107.148.139 396982 (GOOGLE-CL...)
12 35.244.159.8 15169 (GOOGLE)
5 52.212.209.85 16509 (AMAZON-02)
6 2602:803:c003... 26667 (RUBICONPR...)
4 52.58.124.102 16509 (AMAZON-02)
4 69.166.1.15 27630 (AS-XFERNET)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 104.111.217.42 16625 (AKAMAI-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.185.198 15169 (GOOGLE)
2 130.211.23.194 15169 (GOOGLE)
2 18.64.141.81 16509 (AMAZON-02)
1 151.101.192.84 54113 (FASTLY)
2 54.93.71.93 16509 (AMAZON-02)
4 76.223.111.18 16509 (AMAZON-02)
4 2600:9000:223... 16509 (AMAZON-02)
9 23.35.236.201 16625 (AKAMAI-AS)
4 2.18.235.93 16625 (AKAMAI-AS)
18 104.83.150.103 16625 (AKAMAI-AS)
4 65.9.95.85 16509 (AMAZON-02)
11 11 18.156.42.225 16509 (AMAZON-02)
19 21 142.250.186.162 15169 (GOOGLE)
7 69.166.1.12 27630 (AS-XFERNET)
4 4 103.229.205.243 30419 (MEDIAMATH...)
1 162.19.138.83 16276 (OVH)
5 6 198.148.27.139 19189 (PULSEPOINT)
2 2 193.0.160.131 54312 (ROCKETFUEL)
1 2 198.47.127.19 3257 (GTT-BACKB...)
14 34 185.80.39.216 27381 (CASALE-MEDIA)
8 8 23.56.202.187 16625 (AKAMAI-AS)
29 29 3.71.149.231 16509 (AMAZON-02)
14 65.9.95.33 16509 (AMAZON-02)
2 9 69.173.144.165 26667 (RUBICONPR...)
14 14 185.64.190.79 62713 (AS-PUBMATIC)
2 2 52.19.84.36 16509 (AMAZON-02)
6 10 185.64.190.80 62713 (AS-PUBMATIC)
5 98.98.134.242 21859 (ZEN-ECN)
4 52.214.119.157 16509 (AMAZON-02)
8 13.32.99.18 16509 (AMAZON-02)
2 2 3.120.95.6 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
2 2 3.124.212.222 16509 (AMAZON-02)
4 51.89.9.254 16276 (OVH)
4 216.52.2.16 30282 (AS-INAPCD...)
4 35.186.253.211 15169 (GOOGLE)
4 8 185.86.138.154 201081 (SMARTADSE...)
4 4 147.75.85.234 54825 (PACKET)
4 63.35.247.169 16509 (AMAZON-02)
2 4 198.47.127.20 62713 (AS-PUBMATIC)
2 2 213.155.156.184 1299 (TWELVE99 ...)
4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 4 54.239.33.159 16509 (AMAZON-02)
1 54.228.6.120 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 54.235.69.38 14618 (AMAZON-AES)
3 3 37.157.6.254 198622 (ADFORM)
1 34.91.62.186 396982 (GOOGLE-CL...)
1 4 2a05:d018:d29... 16509 (AMAZON-02)
4 8 52.46.143.56 16509 (AMAZON-02)
1 72.251.241.196 32475 (SINGLEHOP...)
2 2 3.123.59.105 16509 (AMAZON-02)
2 2 34.111.151.213 396982 (GOOGLE-CL...)
2 2 185.89.210.141 29990 (ASN-APPNEX)
3 52.214.75.92 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
3 4 151.101.2.49 54113 (FASTLY)
4 8 54.195.76.101 16509 (AMAZON-02)
4 8 52.31.88.82 16509 (AMAZON-02)
4 4 69.173.144.139 ()
1 2620:1ec:21::14 ()
1 8.43.72.98 ()
444 103
Apex Domain
Subdomains
Transfer
46 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 482
eus.rubiconproject.com — Cisco Umbrella Rank: 556
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 935
pixel.rubiconproject.com — Cisco Umbrella Rank: 322
token.rubiconproject.com
pixel-us-east.rubiconproject.com
106 KB
43 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 472
ads.pubmatic.com — Cisco Umbrella Rank: 475
image6.pubmatic.com — Cisco Umbrella Rank: 731
image8.pubmatic.com — Cisco Umbrella Rank: 634
simage2.pubmatic.com — Cisco Umbrella Rank: 670
image4.pubmatic.com — Cisco Umbrella Rank: 942
image2.pubmatic.com — Cisco Umbrella Rank: 858
simage4.pubmatic.com
73 KB
39 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1611
htlb.casalemedia.com — Cisco Umbrella Rank: 492
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 535
dsum.casalemedia.com — Cisco Umbrella Rank: 1262
32 KB
29 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 277
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 446
6 KB
28 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 4124
sync.serverbid.com — Cisco Umbrella Rank: 9579
x.serverbid.com — Cisco Umbrella Rank: 9692
13 KB
28 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 70
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
ad.doubleclick.net — Cisco Umbrella Rank: 166
cm.g.doubleclick.net — Cisco Umbrella Rank: 206
139 KB
25 screencrush.com
screencrush.com — Cisco Umbrella Rank: 361138
215 KB
22 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 3280
cdn.undertone.com — Cisco Umbrella Rank: 4223
usr.undertone.com — Cisco Umbrella Rank: 3559
19 KB
22 townsquare.media
townsquare.media — Cisco Umbrella Rank: 21689
1 MB
20 adswizz.com
synchrobox.adswizz.com — Cisco Umbrella Rank: 7036
cdn.adswizz.com — Cisco Umbrella Rank: 10761
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2142
delivery-cdn-cf.adswizz.com — Cisco Umbrella Rank: 5078
84 KB
20 google.com
apis.google.com — Cisco Umbrella Rank: 106
www.google.com — Cisco Umbrella Rank: 2
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1980
accounts.google.com — Cisco Umbrella Rank: 72
region1.analytics.google.com — Cisco Umbrella Rank: 4179
329 KB
19 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax.amazon-adsystem.com — Cisco Umbrella Rank: 790
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 938
s.amazon-adsystem.com — Cisco Umbrella Rank: 276
70 KB
16 openx.net
townsquaremedia-d.openx.net — Cisco Umbrella Rank: 38895
u.openx.net — Cisco Umbrella Rank: 626
us-u.openx.net — Cisco Umbrella Rank: 429
rtb.openx.net — Cisco Umbrella Rank: 1455
2 KB
15 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 389
15 KB
15 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 330
4 KB
12 gstatic.com
fonts.gstatic.com
ssl.gstatic.com
238 KB
11 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 297
3 KB
11 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1543
sync.go.sonobi.com — Cisco Umbrella Rank: 856
10 KB
8 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
7 KB
8 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1290
2 KB
8 media.net
prebid.media.net — Cisco Umbrella Rank: 1293
contextual.media.net — Cisco Umbrella Rank: 587
33 KB
8 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 512
eb2.3lift.com — Cisco Umbrella Rank: 352
12 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
21 KB
7 youtube.com
www.youtube.com — Cisco Umbrella Rank: 77
127 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 557
3 KB
6 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1354
at.teads.tv — Cisco Umbrella Rank: 4570
6 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 758
syndication.twitter.com — Cisco Umbrella Rank: 1090
150 KB
5 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 622
955 B
5 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1477
5 KB
5 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 612
19 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 611
1 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1897
3 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3012
206 B
4 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 684
137 B
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 949
779 B
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 603
1 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 766
4 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1396
884 B
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 470
3 KB
4 p-n.io
cdn.p-n.io — Cisco Umbrella Rank: 4603
k.p-n.io — Cisco Umbrella Rank: 3262
53 KB
4 kargo.com
krk.kargo.com — Cisco Umbrella Rank: 2216
3 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 6058
729 B
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 526
1 KB
3 adform.net
dmp.adform.net — Cisco Umbrella Rank: 2938
c1.adform.net — Cisco Umbrella Rank: 549
2 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 22306
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27026
898 B
3 btloader.com
btloader.com — Cisco Umbrella Rank: 808
api.btloader.com — Cisco Umbrella Rank: 902
13 KB
3 solutionshindsight.net
static.solutionshindsight.net — Cisco Umbrella Rank: 30030
30 KB
3 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 2713
log.pinterest.com — Cisco Umbrella Rank: 3810
19 KB
3 townsquareblogs.com
cdn.production.townsquareblogs.com — Cisco Umbrella Rank: 43377
105 KB
2 ad4m.at
ad4m.at — Cisco Umbrella Rank: 9742
2 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1498
606 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 743
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4619
562 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 913
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4678
747 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4057
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4047
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 802
1 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 892
1 KB
2 media6degrees.com
action.media6degrees.com — Cisco Umbrella Rank: 3107
372 B
2 dstillery.com
action.dstillery.com — Cisco Umbrella Rank: 3139
281 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
1 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 392
dis.criteo.com — Cisco Umbrella Rank: 686
651 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 682
456 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 151
3 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1287
104 B
2 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 912
198 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 147
89 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
144 KB
2 instagram.com
platform.instagram.com — Cisco Umbrella Rank: 7744
www.instagram.com — Cisco Umbrella Rank: 1198
20 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
5 KB
1 linkedin.com
px.ads.linkedin.com
649 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 21197
270 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1308
283 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 740
612 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 756
265 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 660
588 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 414
1 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1125
17 KB
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 760
359 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
48 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
27 KB
1 net.
d1180od816jent.cloudfront.net.
43 KB
0 colossusssp.com Failed
sync.colossusssp.com Failed
444 84
Domain Requested by
25 ups.analytics.yahoo.com 25 redirects
25 screencrush.com 1 redirects screencrush.com
townsquare.media
d1180od816jent.cloudfront.net.
22 townsquare.media screencrush.com
d1180od816jent.cloudfront.net.
21 cm.g.doubleclick.net 19 redirects
19 ssum-sec.casalemedia.com 12 redirects cdn.undertone.com
ssum-sec.casalemedia.com
18 eus.rubiconproject.com d1180od816jent.cloudfront.net.
cdn.undertone.com
eus.rubiconproject.com
sync.serverbid.com
16 x.serverbid.com sync.serverbid.com
15 match.adsrvr.org js-sec.indexww.com
cdn.undertone.com
sync.serverbid.com
ssum-sec.casalemedia.com
14 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
14 image8.pubmatic.com 14 redirects
14 usr.undertone.com cdn.undertone.com
ads.pubmatic.com
ssum-sec.casalemedia.com
13 ib.adnxs.com 9 redirects cdn.production.townsquareblogs.com
11 x.bidswitch.net 11 redirects
9 pixel.rubiconproject.com 2 redirects cdn.undertone.com
9 ads.pubmatic.com d1180od816jent.cloudfront.net.
sync.serverbid.com
8 dpm.demdex.net 4 redirects sync.serverbid.com
8 synchroscript.deliveryengine.adswizz.com 4 redirects cdn.adswizz.com
8 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
8 sync.smartadserver.com 4 redirects sync.serverbid.com
8 secure-assets.rubiconproject.com 8 redirects
8 e.serverbid.com cdn.production.townsquareblogs.com
sync.serverbid.com
8 apis.google.com screencrush.com
apis.google.com
www.youtube.com
accounts.google.com
d1180od816jent.cloudfront.net.
8 www.google-analytics.com screencrush.com
www.google-analytics.com
7 sync.go.sonobi.com sync.serverbid.com
7 www.youtube.com apis.google.com
www.youtube.com
d1180od816jent.cloudfront.net.
6 simage2.pubmatic.com 2 redirects cdn.undertone.com
6 bh.contextweb.com 5 redirects
6 ssl.gstatic.com accounts.google.com
screencrush.com
6 fastlane.rubiconproject.com cdn.production.townsquareblogs.com
6 fonts.gstatic.com fonts.googleapis.com
5 pixel-sync.sitescout.com cdn.undertone.com
ssum-sec.casalemedia.com
5 g2.gumgum.com cdn.production.townsquareblogs.com
5 a.teads.tv d1180od816jent.cloudfront.net.
cdn.production.townsquareblogs.com
5 js-sec.indexww.com screencrush.com
d1180od816jent.cloudfront.net.
4 token.rubiconproject.com 4 redirects
4 delivery-cdn-cf.adswizz.com synchroscript.deliveryengine.adswizz.com
4 sync-tm.everesttech.net 3 redirects ssum-sec.casalemedia.com
4 pr-bh.ybp.yahoo.com 1 redirects ssum-sec.casalemedia.com
4 a.audrte.com 3 redirects
4 aax-eu.amazon-adsystem.com 2 redirects ads.pubmatic.com
4 pubmatic-match.dotomi.com ads.pubmatic.com
4 image2.pubmatic.com 4 redirects
4 ads.yieldmo.com sync.serverbid.com
4 prebid.a-mo.net 4 redirects
4 rtb.openx.net sync.serverbid.com
4 ap.lijit.com sync.serverbid.com
4 onetag-sys.com sync.serverbid.com
4 cdn.adswizz.com sync.serverbid.com
4 synchrobox.adswizz.com sync.serverbid.com
4 pixel.advertising.com 4 redirects
4 us-u.openx.net cdn.undertone.com
4 sync.mathtag.com 4 redirects
4 sync.serverbid.com d1180od816jent.cloudfront.net.
4 contextual.media.net d1180od816jent.cloudfront.net.
4 cdn.undertone.com d1180od816jent.cloudfront.net.
4 eb2.3lift.com d1180od816jent.cloudfront.net.
4 u.openx.net d1180od816jent.cloudfront.net.
4 apex.go.sonobi.com cdn.production.townsquareblogs.com
4 krk.kargo.com cdn.production.townsquareblogs.com
4 townsquaremedia-d.openx.net cdn.production.townsquareblogs.com
4 prebid.media.net cdn.production.townsquareblogs.com
4 hbopenbid.pubmatic.com cdn.production.townsquareblogs.com
4 tlx.3lift.com cdn.production.townsquareblogs.com
4 hb.undertone.com cdn.production.townsquareblogs.com
4 htlb.casalemedia.com cdn.production.townsquareblogs.com
4 region1.analytics.google.com screencrush.com
4 aax.amazon-adsystem.com c.amazon-adsystem.com
4 www.google.de screencrush.com
4 stats.g.doubleclick.net www.google-analytics.com
screencrush.com
4 platform.twitter.com screencrush.com
d1180od816jent.cloudfront.net.
3 match.prod.bidr.io ssum-sec.casalemedia.com
3 image4.pubmatic.com 2 redirects
3 static.solutionshindsight.net d1180od816jent.cloudfront.net.
3 fundingchoicesmessages.google.com d1180od816jent.cloudfront.net.
3 www.google.com screencrush.com
3 c.amazon-adsystem.com screencrush.com
c.amazon-adsystem.com
3 cdn.production.townsquareblogs.com screencrush.com
cdn.production.townsquareblogs.com
2 ad4m.at ssum-sec.casalemedia.com
2 secure.adnxs.com 2 redirects
2 dmp.brand-display.com 2 redirects
2 pm.w55c.net 2 redirects
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 pool.admedo.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 ads.avct.cloud 2 redirects
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 p.rfihub.com 2 redirects
2 k.p-n.io d1180od816jent.cloudfront.net.
2 cdn.p-n.io d1180od816jent.cloudfront.net.
2 api.btloader.com d1180od816jent.cloudfront.net.
btloader.com
2 ad-delivery.net screencrush.com
2 action.media6degrees.com screencrush.com
2 action.dstillery.com 2 redirects
2 www.facebook.com d1180od816jent.cloudfront.net.
2 syndication.twitter.com platform.twitter.com
screencrush.com
2 accounts.google.com d1180od816jent.cloudfront.net.
screencrush.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 sb.scorecardresearch.com d1180od816jent.cloudfront.net.
screencrush.com
2 i.clean.gg d1180od816jent.cloudfront.net.
2 securepubads.g.doubleclick.net www.googletagservices.com
2 cdn.taboola.com screencrush.com
d1180od816jent.cloudfront.net.
2 connect.facebook.net screencrush.com
d1180od816jent.cloudfront.net.
2 www.googletagmanager.com screencrush.com
d1180od816jent.cloudfront.net.
2 assets.pinterest.com screencrush.com
d1180od816jent.cloudfront.net.
2 fonts.googleapis.com screencrush.com
d1180od816jent.cloudfront.net.
1 simage4.pubmatic.com ads.pubmatic.com
1 pixel-us-east.rubiconproject.com sync.serverbid.com
1 px.ads.linkedin.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 um.simpli.fi
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr
1 sync.crwdcntrl.net
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 id5-sync.com
1 log.pinterest.com screencrush.com
1 ad.doubleclick.net screencrush.com
1 btloader.com d1180od816jent.cloudfront.net.
1 at.teads.tv a.teads.tv
1 gum.criteo.com d1180od816jent.cloudfront.net.
1 as-sec.casalemedia.com js-sec.indexww.com
1 secure.cdn.fastclick.net d1180od816jent.cloudfront.net.
1 api.rlcdn.com js-sec.indexww.com
1 pagead2.googlesyndication.com townsquare.media
1 www.instagram.com screencrush.com
1 platform.instagram.com 1 redirects
1 www.googletagservices.com screencrush.com
1 d1180od816jent.cloudfront.net. screencrush.com
0 sync.colossusssp.com Failed sync.serverbid.com
444 135
Subject Issuer Validity Valid
www5.townsquaremedia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-08 -
2023-10-29
8 months crt.sh
www6.townsquaremedia.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-26 -
2023-10-27
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-10-06 -
2023-10-05
a year crt.sh
www8.townsquaremedia.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-09 -
2023-10-30
10 months crt.sh
*.apis.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-01 -
2023-08-08
a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2022-10-06 -
2023-11-06
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-01-10 -
2023-03-30
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
*.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
i.clean.gg
GTS CA 1D4
2023-01-28 -
2023-04-28
3 months crt.sh
www.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
www.google.de
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02
2023-03-01 -
2024-01-28
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2022-12-02 -
2023-12-02
a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02
2022-12-27 -
2024-01-25
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
accounts.google.com
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-02-05 -
2024-02-05
a year crt.sh
solutionshindsight.net
Amazon RSA 2048 M01
2023-02-22 -
2024-01-19
a year crt.sh
teads.tv
R3
2023-02-21 -
2023-05-22
3 months crt.sh
*.undertone.com
Amazon RSA 2048 M02
2023-03-01 -
2023-10-01
7 months crt.sh
*.3lift.com
Amazon RSA 2048 M01
2023-02-10 -
2023-06-11
4 months crt.sh
*.consumableaudio.com
R3
2023-02-14 -
2023-05-15
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-06 -
2023-05-04
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
gumgum.com
Amazon RSA 2048 M01
2023-02-10 -
2023-10-07
8 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.dev.kargo.com
Amazon RSA 2048 M01
2023-02-13 -
2024-03-12
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2022-12-06 -
2024-01-07
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-09 -
2023-06-03
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-03-06 -
2023-05-29
3 months crt.sh
api.btloader.com
GTS CA 1D4
2023-02-16 -
2023-05-17
3 months crt.sh
pushlycdn.com
Amazon RSA 2048 M02
2023-02-27 -
2024-02-13
a year crt.sh
*.p-n.io
Amazon RSA 2048 M01
2023-02-10 -
2024-01-21
a year crt.sh
sync.serverbid.com
Amazon RSA 2048 M02
2023-03-22 -
2024-04-19
a year crt.sh
*.id5-sync.com
R3
2023-01-25 -
2023-04-25
3 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-12-13 -
2024-01-13
a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1
2023-01-09 -
2024-02-02
a year crt.sh
*.adswizz.com
Amazon RSA 2048 M01
2023-02-13 -
2023-08-20
6 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-06-27 -
2023-06-05
a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M02
2023-02-09 -
2023-05-24
3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-01-27 -
2024-01-27
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1
2022-11-07 -
2023-12-08
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-11-08 -
2023-05-03
6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-03 -
2024-03-31
a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02
2023-02-09 -
2024-01-26
a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02
2023-02-09 -
2024-02-13
a year crt.sh

This page contains 66 frames:

Primary Page: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Frame ID: 51A69B07AB67CBD3C47E6E4CEF490C0F
Requests: 205 HTTP requests in this frame

Frame: https://cdn.production.townsquareblogs.com/aleph/
Frame ID: D495B5ABBF81B9DC7F96DDB5B34B8730
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channel=screencrush&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fscreencrush.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
Frame ID: 567CF3199FDC87D6B73BFA3E8D9FA55B
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fscreencrush.com
Frame ID: 672CD1E6BF42DF855A7D11079D8E3FFD
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fscreencrush.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
Frame ID: 83EDA5ABF190B21CAB2E4F6C88BF3CA9
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 11F4A347F0635DB8A0BB4CEB35DF4A1F
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCgMJGv4cQl8-q71AyFeFmtg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
Frame ID: 4E94EDDB1836F78E8BC9025364FF4A20
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=856098531951831&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f075177220c9%26domain%3Dscreencrush.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fscreencrush.com%252Ff28eb8a14db715%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fscreencrush&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
Frame ID: D74ECC0D1EF79D83C7BC8BA32BD01574
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BF38C32334A43CB48ECDC0648CE418BF
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 7D6B79A0327855A62C0F9D0DC1FB1690
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 6426C9D00DD3F7AD9932DE2CDEC152E6
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 638942F1EAD7E2672188CD25D0FAB63F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: F8DEC2DBFC2A7A83E8AE022EBE6511FA
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: 723B4A8C36380C615009DA36F459119E
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: D3A0BC95EC6B009B4C8B278572F05822
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: AED3749A8FEB1D11DBC8E22EDA3080A2
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 56B211258E55EF99ADF12CB8E79F19C1
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 78282B0089CE6B486E89D9E6A855B2FB
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 883F89B1D7EE09A87A16E159B6CA5C5A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6137B8077D46FEA00CA2AA594DBB4A58
Requests: 10 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 6A579311EAFEC7D41D510F63D44A4E21
Requests: 8 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: F3D971EE02F6663EA67709E99F116418
Requests: 8 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: C951EB9E10F401F85BEB1D31BA0D55D7
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 4DB4FF3BFF09942FD57A49CCA4DD0535
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2492684C9F488B3BA6D89753A249D7DC
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 182194BE4070E90560E906776F25A889
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 52BE65E0F21B2017066C6C136E295908
Requests: 8 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EAE4917E94DD4D116130837366015F90
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: 3E4777DCE4F315F864A1B2661A3CFA7B
Requests: 16 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: 5B206D31AC4D8DD26963EDEA40A38FAE
Requests: 16 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: 722FCA537AAE4FBFB5BF7D9C5B59B1E8
Requests: 16 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4FE61CAD32FD61A3A061A0F47EE2587D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C8C4CDDC567BB7CB8D674A1764B0CE86
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000775.html
Frame ID: FAE3DBBC99FC4D42E6EEC0B473F0157F
Requests: 16 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: CDBEDCFDBC75676AC39312F705AB1888
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: FEDA2B5311F13BE8C95F7F0A96033F43
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Frame ID: 8CB555E41E89BFBEE954BB1515E8498D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 840972A04F2F600326C8F8DA2045CC70
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: CD07711952F436BFEC24387B56B60C37
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 75BC01D99DF9097FEAEBECFF3B2DA880
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 670992259F7467202FF7440C931F5DAA
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: 62876A5E7AC56F7D328CC2DD422D851A
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 4F5B14CE1867AC42D6EEEB877F1D97BA
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Frame ID: C22961794A6229172A626ED08A3748BC
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: D1AF77B8DAFFFE6601B61C57D4FDF80E
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 2DB6F17E68F95B838303283D1060D66E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Frame ID: 52DB54449222BB3B86603A386B6441B7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Frame ID: A0E81E6CC7BF634C94ABDC55B3AE3F84
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: D493A73A13387DCC90A79D69C2C2F7D4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Frame ID: 32A19B62B1543CD288C353C0C11625E9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Frame ID: 037A4A3BAAF8DF7F4221AA080ECCD3C6
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 56430167B6FED2D3138B7FD189FB56B4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Frame ID: 5FEE58862BD26BB026AEF0C8FE73F838
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Frame ID: 532BBAB5053479C9A68B70FD588011DD
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: D76D0DBD7132DEFAD3B3A6C1E371069E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Frame ID: E8D4D36CBB0C74A185D5539B395353A8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Frame ID: A24CEFBE7DE317EF554C669400C5727C
Requests: 2 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8594F954-1FF8-4B9D-BDBF-B312164EED08
Frame ID: BBCB391216C7E231755279CADE420B18
Requests: 1 HTTP requests in this frame

Frame: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
Frame ID: 64193775A2EF1350FDE1416E7DA7F469
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: DECE73CABF8E8D0C033A16C11DBABDE6
Requests: 1 HTTP requests in this frame

Frame: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
Frame ID: 97CB5252641BBC7D05F411BB2C41577C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8594F954-1FF8-4B9D-BDBF-B312164EED08&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: CEBE2A0C65F16AC1C929B9661035F9B9
Requests: 1 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: 20AA5EC1ECB564CA656191B43E893D2D
Requests: 2 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: E3D310AC4F091EBE9328CCA70AFB2EFA
Requests: 2 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: A6688647315B918715573D92B35AE80B
Requests: 2 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: 7CEB2B1AB043136518A7BDA7C8743686
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Nothing found for Spc ?wptouch_switch=mobile&redirect= Rianhabnonbuzz Ml 72screencrush660UXE

Page URL History Show full URLs

  1. http://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE HTTP 301
    https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

444
Requests

81 %
HTTPS

28 %
IPv6

84
Domains

135
Subdomains

103
IPs

13
Countries

3708 kB
Transfer

9547 kB
Size

113
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE HTTP 301
    https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js
Request Chain 159
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=ScreenCrush&ncv=24 HTTP 302
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=ScreenCrush&ncv=24
Request Chain 160
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24 HTTP 302
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
Request Chain 246
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=1e9c435f-4a1f-4900-bcf2-48977a0cf439&google_hm=MWU5YzQzNWYtNGExZi00OTAwLWJjZjItNDg5NzdhMGNmNDM5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=sonobi&bsw_param=1e9c435f-4a1f-4900-bcf2-48977a0cf439&google_hm=MWU5YzQzNWYtNGExZi00OTAwLWJjZjItNDg5NzdhMGNmNDM5&google_tc= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJErhOtEDrKT69qo3P2lmV0&google_cver=1&ssp=sonobi&bsw_param=1e9c435f-4a1f-4900-bcf2-48977a0cf439 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=1e9c435f-4a1f-4900-bcf2-48977a0cf439
Request Chain 247
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=7f60641c-5896-4800-9996-4903209a49a8
Request Chain 249
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=23602b7e-43c1-4b29-a7b1-c3067cbc2266&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=andsT2k4VXRSSjlMMXhrZGd0czItUQ&gdpr=&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_hm=andsT2k4VXRSSjlMMXhrZGd0czItUQ&gdpr=&gdpr_consent=&google_tc= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFOko7F82dEm-glaV3dnZGA&google_cver=1
Request Chain 251
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433827006366435
Request Chain 253
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Request Chain 254
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 256
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Nb9hR6NE2uHEN0QQU6098eKbx.vF4HoU~A
Request Chain 259
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=-1&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=99bf374f-1fb3-4467-b5af-d5d45266af55&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1e9c435f-4a1f-4900-bcf2-48977a0cf439&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 261
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
Request Chain 269
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Nb9hR6NE2uHEN0QQU6098eKbx.vF4HoU~A
Request Chain 272
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=-1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1e9c435f-4a1f-4900-bcf2-48977a0cf439 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1e9c435f-4a1f-4900-bcf2-48977a0cf439 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=9ba7a2fd-6ed2-479b-a969-107a272598c6&ssp=pubmatic&expires=30&user_group=5&bsw_param=1e9c435f-4a1f-4900-bcf2-48977a0cf439 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1e9c435f-4a1f-4900-bcf2-48977a0cf439&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 274
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
Request Chain 275
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Request Chain 276
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 281
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-bQUKrhJE2uGoyxJe7HscjwunEmS3PRT7~A
Request Chain 284
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=-1&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1e9c435f-4a1f-4900-bcf2-48977a0cf439 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1e9c435f-4a1f-4900-bcf2-48977a0cf439 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=b5a2a99c-fbd6-4e1e-9551-7e07299a288b&user_group=1&ssp=pubmatic&bsw_param=1e9c435f-4a1f-4900-bcf2-48977a0cf439 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1e9c435f-4a1f-4900-bcf2-48977a0cf439&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 286
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
Request Chain 287
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Request Chain 288
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 290
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Nb9hR6NE2uHEN0QQU6098eKbx.vF4HoU~A
Request Chain 293
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID&rdf=1 HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=-1&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=1e9c435f-4a1f-4900-bcf2-48977a0cf439 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=1e9c435f-4a1f-4900-bcf2-48977a0cf439 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=8abdd9b2-73f2-4107-96ae-610aabaaf1f2&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1e9c435f-4a1f-4900-bcf2-48977a0cf439&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 295
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
Request Chain 296
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Request Chain 297
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 300
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=24856&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Request Chain 303
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&gdpr=&gdpr_consent=&s=185073&us_privacy=&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZBxYlemCjLvlgIbQ.JT25wAA%265153
Request Chain 305
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=d1YFxrgbgN3E&ev=1&pid=562763
Request Chain 307
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Request Chain 308
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=e1df80d8-9f9a-4761-bdf2-c01b83a6d52b&gdpr=&gdpr_consent=&us_privacy=
Request Chain 309
  • https://ups.analytics.yahoo.com/ups/58671/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58671/occ?verify=true HTTP 302
  • https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
Request Chain 310
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5518242767990326602
Request Chain 314
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&gdpr=&gdpr_consent=&s=185073&us_privacy=&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZBxYlUYwLTPdGSXfll9JKQAA%265267
Request Chain 316
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=PLl9EEjZWgbl&ev=1&pid=562763
Request Chain 318
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Request Chain 319
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=05f747cd-b22d-4018-9a90-1bcedf80dec8&gdpr=&gdpr_consent=&us_privacy=
Request Chain 320
  • https://ups.analytics.yahoo.com/ups/58671/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58671/occ?verify=true HTTP 302
  • https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
Request Chain 321
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5518242767990326602
Request Chain 326
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=24856&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Request Chain 329
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&gdpr=&gdpr_consent=&s=185073&us_privacy=&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZBxYlUYwLTPdGSXfll9JKQAA%265267
Request Chain 331
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=m51KgYAtRn00&ev=1&pid=562763
Request Chain 333
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Request Chain 334
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=71ba615d-a4cf-4ae5-ae28-f8483037b3f4&gdpr=&gdpr_consent=&us_privacy=
Request Chain 335
  • https://ups.analytics.yahoo.com/ups/58671/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58671/occ?verify=true HTTP 302
  • https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
Request Chain 336
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5518242767990326602
Request Chain 341
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=24856&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Request Chain 344
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&gdpr=&gdpr_consent=&s=185073&us_privacy=&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZBxYlUYwLTPdGSXfll9JKQAA%265267
Request Chain 346
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=78QWgjqZ2Ndp&ev=1&pid=562763
Request Chain 348
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Request Chain 349
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=9a8ee843-fb1c-4cdd-ac03-09799d12ba3e&gdpr=&gdpr_consent=&us_privacy=
Request Chain 350
  • https://ups.analytics.yahoo.com/ups/58671/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58671/occ?verify=true HTTP 302
  • https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
Request Chain 351
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5518242767990326602
Request Chain 356
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=24856&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Request Chain 358
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:06f7641c-5895-4500-85cf-73dd9689e9f4&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8594F954-1FF8-4B9D-BDBF-B312164EED08 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8594F954-1FF8-4B9D-BDBF-B312164EED08
Request Chain 359
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1026157313889103335 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
Request Chain 361
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PCss1T8nJIMnfC2DPCkwhmksL9UnLiqBOn6dutHQ HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
Request Chain 362
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8594F954-1FF8-4B9D-BDBF-B312164EED08&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8594F954-1FF8-4B9D-BDBF-B312164EED08&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 363
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hZT5VB_4S529v7MSFk7tCA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hZT5VB_4S529v7MSFk7tCA%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 365
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3183969068 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8594F954-1FF8-4B9D-BDBF-B312164EED08
Request Chain 366
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=8594F954-1FF8-4B9D-BDBF-B312164EED08 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YjVjUFZLTUlZOEhUYktDTmotYVBuQ1h6dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=5204265467251411098&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 367
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODU5NEY5NTQtMUZGOC00QjlELUJEQkYtQjMxMjE2NEVFRDA4&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODU5NEY5NTQtMUZGOC00QjlELUJEQkYtQjMxMjE2NEVFRDA4&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
Request Chain 368
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM71_wIW-rwMihzMKD5cbEU&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
Request Chain 370
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5204265467251411098 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8594F954-1FF8-4B9D-BDBF-B312164EED08 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8594F954-1FF8-4B9D-BDBF-B312164EED08
Request Chain 373
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8594F954-1FF8-4B9D-BDBF-B312164EED08&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-w0BKX4RE2uVwPA.S7akIswVEyD.LY0E-~A&gdpr=0
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALbQcKYXBFbDYOSrmZzgfw&google_cver=1
Request Chain 376
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZBxYlemCjLvlgIbQ.JT25wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKrIZaTZYn-GWiPHIdY4ooU&google_cver=1&google_hm=2
Request Chain 377
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 380
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=VKPPgoZd1PFlit5
Request Chain 381
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827006366435
Request Chain 382
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=0360459c-7016-8bef-ec83981f
Request Chain 385
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5518242767990326602
Request Chain 388
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=59a3641c-5896-4700-82b4-247c8ca3bccd
Request Chain 390
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=f43c7227-e0fb-0684-f8c1e694
Request Chain 394
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5518242767990326602
Request Chain 397
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d487641c-5896-4700-b49e-d40d389e495f
Request Chain 398
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 399
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=232454db-efbd-4464-ae64-09d583909d17
Request Chain 400
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALbQcKYXBFbDYOSrmZzgfw&google_cver=1
Request Chain 401
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZBxYlQADzI4hPQBB HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZBxYlQADzI4hPQBB&_test=ZBxYlQADzI4hPQBB
Request Chain 403
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZBxYlemCjLvlgIbQ-JT25wAAFCEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZBxYlemCjLvlgIbQ-JT25wAAFCEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALbQcKYXBFbDYOSrmZzgfw&google_cver=1
Request Chain 404
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlemCjLvlgIbQ-JT25wAAFCEAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlemCjLvlgIbQ-JT25wAAFCEAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 405
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZBxYlUYwLTPdGSXfll9JKQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKrIZaTZYn-GWiPHIdY4ooU&google_cver=1
Request Chain 407
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZBxYlQACjp9rYAAo
Request Chain 410
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5518242767990326602
Request Chain 420
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
Request Chain 421
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
Request Chain 422
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
Request Chain 423
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
Request Chain 432
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1Kz3k2XIT1maYXDmx-sCRg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1Kz3k2XIT1maYXDmx-sCRg
Request Chain 433
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDAwYzY2N2NkMDM0NDQwZGExMzRiNTM3NmM4YTQ4ODM1MzgyZTYzNg&us_privacy=1---
Request Chain 434
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMNjUwMUctMTctV0c=&us_privacy=1---
Request Chain 435
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iNjDKjaXReSym5MquVD63g&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iNjDKjaXReSym5MquVD63g
Request Chain 437
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/G5NLAe9t2Iv6yYHwNKCjUg?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ebx76KhE2oJc_fOuoZdUaK0hX7mgcfBAVlhCdw--~A
Request Chain 438
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPQlW2X1dVfjtmVZmTjG2Fw&google_cver=1
Request Chain 439
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFL6501G-17-WG&us_privacy=1---

444 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
screencrush.com/spc/
Redirect Chain
  • http://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
  • https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
120 KB
25 KB
Document
General
Full URL
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
9fcde0003e8ba1c46265f4ec62b8e3fe8ef319d53c939862bd65afac52ee9886
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
no-cache
content-encoding
gzip
content-length
25543
content-type
text/html; charset=utf-8
date
Thu, 23 Mar 2023 13:48:00 GMT
etag
W/"1de52-6OfFaQxHCEHFf7fDLwZ/1g"
expires
Thu, 23 Mar 2023 13:47:59 GMT
gdpr-source
DE
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-abgroup
A
x-cache
MISS
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-varnish
3913285529

Redirect headers

Cache-Control
no-cache
Content-Length
178
Content-Type
text/html
Date
Thu, 23 Mar 2023 13:47:59 GMT
Expires
Thu, 23 Mar 2023 13:47:58 GMT
Location
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Server
nginx
X-Frame-Options
SAMEORIGIN
gdpr-source
DE
base.css
screencrush.com/styles/desktop/
543 KB
117 KB
Stylesheet
General
Full URL
https://screencrush.com/styles/desktop/base.css?ver=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) / Express
Resource Hash
c022178cd168183fa92ad8679edbef4b30d6d1dd3f42fdf79594df32d119e27a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
gzip
via
1.1 varnish
age
70418
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
119080
last-modified
Wed, 22 Mar 2023 18:14:23 GMT
server
ECS (frb/67F3)
etag
W/"87b53-dYnBZ1qAfgsh+SCV1yvbuA"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-varnish
3897365236
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
main.bundle.576396640674f421805c55696d3f5f17b454bbee.js
townsquare.media/public/dist/desktop/
913 KB
237 KB
Script
General
Full URL
https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) / Express
Resource Hash
cfb02ca5280925d98c8e89e1b58e1cd680e6ccc1529dcf74c049b43a153cbc61
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
gzip
via
1.1 varnish
age
70418
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
241957
last-modified
Tue, 07 Mar 2023 18:03:37 GMT
server
ECS (frb/67AA)
etag
W/"e45ea-186bd3e3a99"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3384604922
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
css
fonts.googleapis.com/
22 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d05aa7fda69e5a6629806fe1b77d18eb6ce5a777eed211f77b51b728f62b4a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Mar 2023 13:44:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Mar 2023 13:48:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Mar 2023 12:05:11 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6169
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 23 Mar 2023 14:05:11 GMT
autotrack.carbon.js
townsquare.media/public/resources/js/
4 KB
2 KB
Script
General
Full URL
https://townsquare.media/public/resources/js/autotrack.carbon.js
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D4) / Express
Resource Hash
17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
gzip
via
1.1 varnish
age
4662
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
2031
last-modified
Thu, 03 Oct 2019 18:52:14 GMT
server
ECS (frb/67D4)
etag
W/"119a-16d92f72a86"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3912217924 3912174822
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
script.js
d1180od816jent.cloudfront.net./
123 KB
43 KB
Script
General
Full URL
https://d1180od816jent.cloudfront.net./script.js
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:7000:8:56fe:be40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0252363cfd6418a89d40c6f8552fcfb414973234e4e8833b91e79f3c011efd79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
DQP5ruQdYjmpVDt6qFdRCSl7f.BTxmUo
content-encoding
gzip
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
date
Thu, 23 Mar 2023 13:43:27 GMT
last-modified
Thu, 23 Mar 2023 03:44:17 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
430
x-amz-server-side-encryption
AES256
etag
W/"785c8ae725c7c2ebb08acee925ec47f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
YRRLc5OQYt2CzXQVhFf1TBevyelKKgGsUBctk9AhU-opONQvuTGjvw==
gpt.js
www.googletagservices.com/tag/js/
78 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35b40571cb93ec4112a4d4817befd4f307c3ee69fcc2b2488df8d4c5ba0532c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27495
x-xss-protection
0
server
sffe
etag
"1519 / 388 of 1000 / last-modified: 1679569699"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Mar 2023 13:48:00 GMT
186854-113710634486999.js
js-sec.indexww.com/ht/p/
37 KB
13 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Mar 2023 13:41:51 GMT
server
cloudflare
age
91
etag
W/"da106c-930b-5f79170615b42"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
7ac721283a530378-FRA
expires
Thu, 23 Mar 2023 17:48:00 GMT
pb.js
cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/
337 KB
104 KB
Script
General
Full URL
https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) / Express
Resource Hash
f424fd6b84ca54b61c2ce567aded547e6ef8c6a0807b095e02b2a2b9c3789bbe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
70379
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop, desktop
x-device
carbon, carbon
content-length
105609
last-modified
Wed, 22 Mar 2023 18:15:01 GMT
server
ECS (frb/668B)
etag
W/"54278-ffmnapPMsFasyWjF4M6K1A"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-varnish
3384615567, 3384615563
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
platform.js
apis.google.com/js/
54 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
992826b176584df60085eba2f256765f56eab1c8e61dbaa12581829fc657c734
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Mar 2023 13:48:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21023
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"3da41b4a250986db"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Mar 2023 13:48:00 GMT
embed.js
www.instagram.com/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
55 KB
20 KB
Script
General
Full URL
https://www.instagram.com/embed.js
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
da3c1db08c464d38bc2f27b488d36d0b389c8e9c8e45ae1ef6ec8e137715a69c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
br
x-content-type-options
nosniff
date
Thu, 23 Mar 2023 13:48:00 GMT
content-md5
EIqxXXpQcKiGS7Kq/N8IbQ==
document-policy
force-load-at-top
edge-control
cache-maxage=1200s
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19423
reporting-endpoints
coep_report="https://www.facebook.com/browser_reporting/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
x-fb-debug
/MuUUUr+mFAFG7Mcj54CAfyilRhq0MXFS+NDUQ4Gd4HaN2WAVPzKYd7SjqmQm4zttb6JoHPmh1gB2zvWjsjHhw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
d35426d114f223614729c6213bd89a9b
cross-origin-opener-policy
same-origin-allow-popups
etag
"5522064664fab6e44c3b71f455a1a5da"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 23 Mar 2023 14:08:00 GMT

Redirect headers

location
https://www.instagram.com/embed.js
date
Thu, 23 Mar 2023 13:48:00 GMT
x-fb-trip-id
1425083115
server
proxygen-bolt
content-length
0
content-type
text/plain
pinit.js
assets.pinterest.com/js/
361 B
448 B
Script
General
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:887::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"62d32c28f14783b94192cd8d35bc010d"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=165
accept-ranges
bytes
content-length
203
screencrush-high-rez.png
townsquare.media/site/442/files/2018/04/
10 KB
10 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2018/04/screencrush-high-rez.png
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) / Express
Resource Hash
1fa1ecedd36b7da37e29238663118c6537843f58cae89bbb7bd750f9afdaa1b1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:00 GMT
via
1.1 varnish
age
1769436
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
9859
last-modified
Wed, 13 Apr 2022 13:11:13 GMT
server
ECS (frb/67DF)
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-varnish
3529549550
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
cogitoergosum
screencrush.com/rest/high/api/
128 B
492 B
XHR
General
Full URL
https://screencrush.com/rest/high/api/cogitoergosum
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
f21e20915944dce99072b1798e257fa6021c798d9b927db2dbd5c9f375fb0233
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 23 Mar 2023 13:48:00 GMT
server
nginx
etag
W/"80-45OTBk3BoH2U438P/nf/qcgssMM"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
content-length
128
expires
Thu, 23 Mar 2023 13:47:59 GMT
gtm.js
www.googletagmanager.com/
189 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K346HJZ
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c50eaadf493bbe08f956c23483326f2d1d6329691da25ee611ccad5d36c063cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64785
x-xss-protection
0
last-modified
Thu, 23 Mar 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Mar 2023 13:48:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/
224 KB
55 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:21:06 GMT
content-encoding
gzip
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 19:29:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
1614
x-amz-server-side-encryption
AES256
etag
W/"9bc5c23889e7664ec16504ac1d3adeb5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
VZs3jkMv7hD30tgSG95QIanuDAOH9GDhX3Hl6r3L3qm7Mp0uPuMOMQ==
widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 13:48:00 GMT
Content-Encoding
gzip
Age
12
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (frb/6776)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8e44786cf165cc2704d5206ed17d6c6f9e1286b8c2ad1892a105208bf72ad89e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Mar 2023 13:48:00 GMT
content-md5
p2twO6FoddAV7krJ2nOadA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
SKb+Gp/mvnLwowb3l1+8TaloVtgjOCckZ+5kgnUB1aRQhcF2MjMA3JYoqHJJx9+4s1e+IspOqiSSrUIExkh5Hw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
x-fb-content-md5
b1267b806aa61ac6f6f93b935b7a845d
cross-origin-opener-policy
same-origin-allow-popups
etag
"d87585faf67badadca1a6f5c1890d17a"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 23 Mar 2023 13:58:27 GMT
loader.js
cdn.taboola.com/libtrc/townsquaremediatsm-network/
157 KB
43 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/townsquaremediatsm-network/loader.js
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f0196e14733ac08f4e968b8edb36771a018f4a2e8d3c7a279627c44260cdd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
etcspIIG9Y2_tWWO6vtYdJD5LmToCoCD
content-encoding
gzip
via
1.1 varnish
date
Thu, 23 Mar 2023 13:48:00 GMT
x-amz-request-id
01TXYVZTFYGN3KFK
age
8682
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
43340
x-amz-id-2
GXIlu1EMnHlGhX7ehTAiHn4fKtHpAFLO0oP+d/yQ3E6lLlwlstjp+bBO3BfHRKeJ4FOpq6K/iQY=
x-served-by
cache-fra-eddf8230086-FRA
last-modified
Thu, 23 Mar 2023 11:23:11 GMT
server
AmazonS3
x-timer
S1679579281.821276,VS0,VE1
etag
"2b308cbd2bd359aafbe071a79d724468"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
62
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
/
cdn.production.townsquareblogs.com/aleph/ Frame D495
2 KB
861 B
Document
General
Full URL
https://cdn.production.townsquareblogs.com/aleph/
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/675D) / Express
Resource Hash
e455c9481ab43afb3fe882d539f47ad82eb560651f6c68a99f4dfb8ff4249d88

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
273
cache-control
no-cache
content-encoding
gzip
content-length
708
content-type
text/html; charset=UTF-8
date
Thu, 23 Mar 2023 13:48:00 GMT
etag
W/"7dd-17eb77f56cd"
expires
Thu, 23 Mar 2023 13:47:59 GMT
gdpr-source
DE
last-modified
Tue, 01 Feb 2022 22:54:42 GMT
server
ECS (frb/675D)
vary
Accept-Encoding
via
1.1 varnish
x-abgroup
A
x-cache
HIT
x-powered-by
Express
x-varnish
3913260124 3913221135
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://screencrush.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options
nosniff
age
191422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:38 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://screencrush.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:42 GMT
x-content-type-options
nosniff
age
191418
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:42 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://screencrush.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:42 GMT
x-content-type-options
nosniff
age
191418
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:42 GMT
truncated
/
50 KB
50 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c

Request headers

Referer
Origin
https://screencrush.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
font/opentype;charset=utf-8
cogitoergosum
screencrush.com/rest/high/api/
128 B
337 B
Fetch
General
Full URL
https://screencrush.com/rest/high/api/cogitoergosum
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
f21e20915944dce99072b1798e257fa6021c798d9b927db2dbd5c9f375fb0233
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Mar 2023 13:48:00 GMT
server
nginx
etag
W/"80-45OTBk3BoH2U438P/nf/qcgssMM"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
content-length
128
expires
Thu, 23 Mar 2023 13:47:59 GMT
chunk-23.88e554471318124c97ac.1678138276779.js
screencrush.com/public/dist/chunks/
658 B
801 B
Script
General
Full URL
https://screencrush.com/public/dist/chunks/chunk-23.88e554471318124c97ac.1678138276779.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) / Express
Resource Hash
c95b914e03c58641ddce10559aca88ec677bb6e66ea8b667130811d340143b09
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:00 GMT
via
1.1 varnish
age
70807
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
658
last-modified
Tue, 07 Mar 2023 18:03:36 GMT
server
ECS (frb/67BA)
etag
W/"292-186bd3e35f3"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3384500451
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
chunk-20.343a4f652e549ee4ac5f.1678138276779.js
screencrush.com/public/dist/chunks/
806 B
909 B
Script
General
Full URL
https://screencrush.com/public/dist/chunks/chunk-20.343a4f652e549ee4ac5f.1678138276779.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A8) / Express
Resource Hash
df74e35033acf829919c64034c8a31b5d57dc065cb90909280fffcd98fede333
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:00 GMT
via
1.1 varnish
age
10162
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
806
last-modified
Tue, 07 Mar 2023 18:03:36 GMT
server
ECS (frb/67A8)
etag
W/"326-186bd3e3692"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3398270095
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
chunk-22.c7bd9b640e2e0a786731.1678138276779.js
screencrush.com/public/dist/chunks/
1 KB
888 B
Script
General
Full URL
https://screencrush.com/public/dist/chunks/chunk-22.c7bd9b640e2e0a786731.1678138276779.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) / Express
Resource Hash
cdad86c6c48439f0d708965a6006f6df82d87d242f5cbadd497bff916baaabcd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
gzip
via
1.1 varnish
age
70868
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
783
last-modified
Tue, 07 Mar 2023 18:03:36 GMT
server
ECS (frb/6738)
etag
W/"514-186bd3e3692"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3384484460
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
chunk-21.b2911d7cd774531a53a4.1678138276779.js
screencrush.com/public/dist/chunks/
1016 B
1 KB
Script
General
Full URL
https://screencrush.com/public/dist/chunks/chunk-21.b2911d7cd774531a53a4.1678138276779.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) / Express
Resource Hash
50ef13eb647e2b617ea60665e2961fe019bd9045c00b2a3c47bdc9236dab9aaa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:00 GMT
via
1.1 varnish
age
70868
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1016
last-modified
Tue, 07 Mar 2023 18:03:37 GMT
server
ECS (frb/6711)
etag
W/"3f8-186bd3e39fd"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3897244869
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
chunk-46.1e6a83c745df61c5fa9b.1678138276779.js
screencrush.com/public/dist/chunks/
2 KB
943 B
Script
General
Full URL
https://screencrush.com/public/dist/chunks/chunk-46.1e6a83c745df61c5fa9b.1678138276779.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) / Express
Resource Hash
2f05bce2182c7e2220a013e488c47167ea1de7091b68128e0eb66e278aacb2d2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
gzip
via
1.1 varnish
age
11553
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
830
last-modified
Tue, 07 Mar 2023 18:03:36 GMT
server
ECS (frb/668B)
etag
W/"728-186bd3e369a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3397995914 3397993444
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
chunk-34.a726e709e910e30114e6.1678138276779.js
screencrush.com/public/dist/chunks/
40 KB
12 KB
Script
General
Full URL
https://screencrush.com/public/dist/chunks/chunk-34.a726e709e910e30114e6.1678138276779.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) / Express
Resource Hash
ce7d1e5a84d4109ae07bb4b1135f041a6b9bb3fa32dee020a2fbccb3908bea9d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
gzip
via
1.1 varnish
age
70833
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
12010
last-modified
Tue, 07 Mar 2023 18:03:36 GMT
server
ECS (frb/6724)
etag
W/"a09a-186bd3e35f7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3384493690
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
chunk-14.18795661c18d1d488f93.1678138276779.js
screencrush.com/public/dist/chunks/
27 KB
8 KB
Script
General
Full URL
https://screencrush.com/public/dist/chunks/chunk-14.18795661c18d1d488f93.1678138276779.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) / Express
Resource Hash
3f693dec37b26106f4ea14c34c3213bd28a94857e878aa278c63b4f78e5225cd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
gzip
via
1.1 varnish
age
71281
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
7891
last-modified
Tue, 07 Mar 2023 18:03:36 GMT
server
ECS (frb/6776)
etag
W/"6ae3-186bd3e35f3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3384493619 3384376002
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
chunk-52.8527ca6eee11be0e3074.1678138276779.js
screencrush.com/public/dist/chunks/
2 KB
911 B
Script
General
Full URL
https://screencrush.com/public/dist/chunks/chunk-52.8527ca6eee11be0e3074.1678138276779.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) / Express
Resource Hash
96d98fa2fdfa3030045ee2fd6419d5c4dc3b81cd2d2fb393f517101897175b8f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
gzip
via
1.1 varnish
age
70833
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
806
last-modified
Tue, 07 Mar 2023 18:03:36 GMT
server
ECS (frb/6723)
etag
W/"663-186bd3e369a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3384493693
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
cogitoergosum
screencrush.com/rest/high/api/
22 B
89 B
Fetch
General
Full URL
https://screencrush.com/rest/high/api/cogitoergosum
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Mar 2023 13:48:00 GMT
server
nginx
etag
W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
content-length
22
expires
Thu, 23 Mar 2023 13:47:59 GMT
chunk-19.2f55e666e9e1e521c73d.1678138276779.js
screencrush.com/public/dist/chunks/
65 KB
16 KB
Script
General
Full URL
https://screencrush.com/public/dist/chunks/chunk-19.2f55e666e9e1e521c73d.1678138276779.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) / Express
Resource Hash
702b45f2aa4ae71f0c91143e74391247b622ffb9971752a04d0e8a0a295df209
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
gzip
via
1.1 varnish
age
41313
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
16769
last-modified
Tue, 07 Mar 2023 18:03:36 GMT
server
ECS (frb/6762)
etag
W/"10557-186bd3e35f3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3391765786
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
chunk-15.a3a897f13fda23e16f20.1678138276779.js
screencrush.com/public/dist/chunks/
5 KB
2 KB
Script
General
Full URL
https://screencrush.com/public/dist/chunks/chunk-15.a3a897f13fda23e16f20.1678138276779.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) / Express
Resource Hash
e26c65690d3eb8102487ae9efa4e9bc770225affacb451ba740ad4ecd6068db6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
gzip
via
1.1 varnish
age
70834
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
2021
last-modified
Tue, 07 Mar 2023 18:03:37 GMT
server
ECS (frb/668B)
etag
W/"13d9-186bd3e39fd"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3897253221
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
chunk-18.00465e48f8d131978028.1678138276779.js
screencrush.com/public/dist/chunks/
64 KB
14 KB
Script
General
Full URL
https://screencrush.com/public/dist/chunks/chunk-18.00465e48f8d131978028.1678138276779.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) / Express
Resource Hash
fa756a3bacb547d3f599d6c669b925ef35e907ac484b7bf300081926d3991e55
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
gzip
via
1.1 varnish
age
70873
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
14138
last-modified
Tue, 07 Mar 2023 18:03:36 GMT
server
ECS (frb/6712)
etag
W/"1014f-186bd3e3692"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3384483191
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
chunk-11.0dc7eca31a74d50d6651.1678138276779.js
screencrush.com/public/dist/chunks/
967 B
1 KB
Script
General
Full URL
https://screencrush.com/public/dist/chunks/chunk-11.0dc7eca31a74d50d6651.1678138276779.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) / Express
Resource Hash
d7fcfcf5dc79ede5660d2719ce39bda8551e26781a550b416dda18fc2550fb9b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:00 GMT
via
1.1 varnish
age
13936
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
967
last-modified
Tue, 07 Mar 2023 18:03:36 GMT
server
ECS (frb/6712)
etag
W/"3c7-186bd3e3692"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3911006459 3910279396
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
chunk-12.15380992e4cd5579d6a0.1678138276779.js
screencrush.com/public/dist/chunks/
4 KB
2 KB
Script
General
Full URL
https://screencrush.com/public/dist/chunks/chunk-12.15380992e4cd5579d6a0.1678138276779.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A8) / Express
Resource Hash
01739260e772adfbffa7b62c6116b97fb1dfac703bc926c86de1637e41974cef
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
gzip
via
1.1 varnish
age
70849
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1498
last-modified
Tue, 07 Mar 2023 18:03:47 GMT
server
ECS (frb/67A8)
etag
W/"e03-186bd3e61d7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3384489351
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
140 KB
48 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c9d18ee433b19af3a646c6f1604d36c0b957840a73eec918cf67b01bc40aff4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48772
x-xss-protection
0
server
cafe
etag
689040272180236391
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Mar 2023 13:48:00 GMT
/
screencrush.com/internal-ad-api/
9 KB
3 KB
Fetch
General
Full URL
https://screencrush.com/internal-ad-api/?kw[]=pagetype-404&kw[]=device-desktop
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
b9846e2517780667dabbe6bd01551d1616f7b4c9c41519f6dfa3a09ed78c9119
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
x-ua-device
desktop
x-device
desktop
content-length
2586
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-varnish
3913285861
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:48:00 GMT
attachment-attachment-loki-was-right-1-4-2.jpg
townsquare.media/site/442/files/2022/07/
124 KB
124 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2022/07/attachment-attachment-loki-was-right-1-4-2.jpg?w=980&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) / Express
Resource Hash
aa5fd8ee6e27901a03c902884af8efed8af1b8afc8101aef87e44a9c8dc5abde
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:00 GMT
via
1.1 varnish
age
1219876
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
126879
last-modified
Thu, 07 Jul 2022 19:33:30 GMT
server
ECS (frb/67BA)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
3136585951
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
attachment-mandalorian-chapter-20.jpg
townsquare.media/site/442/files/2023/03/
95 KB
95 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2023/03/attachment-mandalorian-chapter-20.jpg?w=980&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) / Express
Resource Hash
a36cf3227b8a2818257b14e77c942b4a364d2d39c9e0db246f81d79a833f62af
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 23 Mar 2023 13:48:00 GMT
via
1.1 varnish
age
54821
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
97212
last-modified
Wed, 22 Mar 2023 22:33:39 GMT
server
ECS (frb/6711)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
3388294758 3388289853
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
attachment-brandy-as-cinderella-descendants.jpg
townsquare.media/site/442/files/2023/03/
78 KB
78 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2023/03/attachment-brandy-as-cinderella-descendants.jpg?w=980&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E0) / Express
Resource Hash
76748e02d119c4ba80576b2d306e1f216aa6d7c33ad5842f7f3092cd10b7567f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:00 GMT
via
1.1 varnish
age
66987
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
79618
last-modified
Wed, 22 Mar 2023 19:10:46 GMT
server
ECS (frb/67E0)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
3385223543 3385203163
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
Smash.jpg
townsquare.media/site/442/files/2020/05/
88 KB
88 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2020/05/Smash.jpg?w=980&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) / Express
Resource Hash
25c86d215a934f4f28aac2a1354156b5f5507a75fcc54c96922f85218f75d6db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 23 Mar 2023 13:48:00 GMT
via
1.1 varnish
age
77173
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
89615
last-modified
Mon, 11 Apr 2022 17:50:21 GMT
server
ECS (frb/6724)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
3895714764 3895607253
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
attachment-jw4-unit-210715-00159-r.jpg
townsquare.media/site/442/files/2023/02/
132 KB
133 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2023/02/attachment-jw4-unit-210715-00159-r.jpg?w=980&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) / Express
Resource Hash
8dab8e1efd6eccf763e362ee81b36e8c76d55e9471413fea11fa73ee8241c76f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 23 Mar 2023 13:48:00 GMT
via
1.1 varnish
age
3018658
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
135634
last-modified
Thu, 16 Feb 2023 15:16:10 GMT
server
ECS (frb/6796)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
2756918564
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:47:59 GMT
cogitoergosum
cdn.production.townsquareblogs.com/rest/high/api/ Frame D495
128 B
456 B
Fetch
General
Full URL
https://cdn.production.townsquareblogs.com/rest/high/api/cogitoergosum
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/aleph/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.218 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
f21e20915944dce99072b1798e257fa6021c798d9b927db2dbd5c9f375fb0233
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://cdn.production.townsquareblogs.com/aleph/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 23 Mar 2023 13:48:00 GMT
server
nginx
etag
W/"80-45OTBk3BoH2U438P/nf/qcgssMM"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
carbon
content-length
128
expires
Thu, 23 Mar 2023 13:47:59 GMT
collect
stats.g.doubleclick.net/j/
4 B
348 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-19109753-17&cid=1811574923.1679579281&jid=934092905&gjid=599000255&_gid=1180523687.1679579281&_u=YGBAgAADAAAAAE~&z=538636136
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 23 Mar 2023 13:48:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://screencrush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-19109753-35&cid=1811574923.1679579281&jid=1562774194&gjid=1596639820&_gid=1180523687.1679579281&_u=YGDAgAADAAAAAE~&z=2048678127
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 23 Mar 2023 13:48:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://screencrush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-19109753-60&cid=1811574923.1679579281&jid=1413141092&gjid=1878670927&_gid=1180523687.1679579281&_u=YGDAgAADAAAAAE~&z=1632383924
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 23 Mar 2023 13:48:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://screencrush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
145 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1270926540&t=event&_s=1&dl=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&ul=en-us&de=UTF-8&dt=Nothing%20found%20for%20Spc%20%3Fwptouch_switch%3Dmobile%26redirect%3D%20Rianhabnonbuzz%20Ml%2072screencrush660UXE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=blogroll&ea=impression&el=&_u=6GDAAAADAAAAAGg~&jid=1300843724&gjid=1687755206&cid=1811574923.1679579281&tid=UA-115003007-4&_gid=1180523687.1679579281&_r=1&_slc=1&cd1=&cd2=n%2Fa&cd3=n%2Fa&cd4=no&cd5=no&did=i5iSjo&z=1898768732
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://screencrush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1270926540&t=pageview&_s=1&dl=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&ul=en-us&de=UTF-8&dt=Nothing%20found%20for%20Spc%20%3Fwptouch_switch%3Dmobile%26redirect%3D%20Rianhabnonbuzz%20Ml%2072screencrush660UXE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAD~&jid=934092905&gjid=599000255&cid=1811574923.1679579281&tid=UA-19109753-17&_gid=1180523687.1679579281&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=404&cd5=&cd6=&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36&did=i5iSjo&z=1522021289
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
70969
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1270926540&t=pageview&_s=1&dl=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&ul=en-us&de=UTF-8&dt=Nothing%20found%20for%20Spc%20%3Fwptouch_switch%3Dmobile%26redirect%3D%20Rianhabnonbuzz%20Ml%2072screencrush660UXE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgAADAAAAAE~&jid=1562774194&gjid=1596639820&cid=1811574923.1679579281&tid=UA-19109753-35&_gid=1180523687.1679579281&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=404&cd5=&cd6=&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36&did=i5iSjo&z=378213391
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
70969
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1270926540&t=pageview&_s=1&dl=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&ul=en-us&de=UTF-8&dt=Nothing%20found%20for%20Spc%20%3Fwptouch_switch%3Dmobile%26redirect%3D%20Rianhabnonbuzz%20Ml%2072screencrush660UXE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgAADAAAAAE~&jid=1413141092&gjid=1878670927&cid=1811574923.1679579281&tid=UA-19109753-60&_gid=1180523687.1679579281&_av=2.4.1&_au=20&cd1=&cd2=&cd3=&cd4=404&cd5=&cd6=&cd7=standard&cd8=&cd9=A&cd10=no&cd12=&cd13=&cd14=&cd15=&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36&did=i5iSjo&z=1106585548
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
70969
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/
336 B
692 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3227&u=https%3A%2F%2Fscreencrush.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f4f014cb74f3b341e5b43171bf87d57f3a7b878653f4a164d966cd6eea535a82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 10:36:03 GMT
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
11516
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://screencrush.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
336
x-amz-cf-id
9LsNLag1uj_f4IAi9JlPeVnnQWgDvrYjBwblILePqhehgNmO5a08YQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
V2lSIFfe30G.NOL3Jg0JvcKQw0PMFHNY
content-encoding
gzip
via
1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
date
Wed, 22 Mar 2023 23:11:56 GMT
x-amz-cf-pop
FRA56-P6
age
53306
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 21 Mar 2023 22:59:14 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
QFQnWDl0YwRCHXKebV4wuMLCEIlhDJeJ8ywEhxD6aGHDa4oEzvjCSA==
rid
match.adsrvr.org/track/
63 B
389 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186854
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
743ec374ade43546c4bbbed1458ba9481d03834d6dd3e74c4aeafe0a776ade33

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://screencrush.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 22 Apr 2023 13:48:01 GMT
identity
api.rlcdn.com/api/
44 B
359 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://screencrush.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/
251 KB
87 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a12e5839bee50279e4b804e234f9b59d5ce94ff958341f64d56fbb5ca4832714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 17:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88199
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 16:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Mar 2024 17:19:47 GMT
subscribe_embed
www.youtube.com/ Frame 567C
2 KB
2 KB
Document
General
Full URL
https://www.youtube.com/subscribe_embed?usegapi=1&channel=screencrush&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fscreencrush.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cdde337ccd239c82acdf867448c976cf998b4e6eb6d0414babde3ba82f514786
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Thu, 23 Mar 2023 13:48:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/
734 B
572 B
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=ytsubscribe/exm=auth/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
787c0728e67cac0b6183ff5934311be7677c5e7301261a46672699bf29ae0221
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 17:30:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
245837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
477
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 16:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Mar 2024 17:30:43 GMT
pubads_impl_2023032001.js
securepubads.g.doubleclick.net/gpt/
396 KB
134 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023032001.js?cb=31073316
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf2086397a5d0d6d9c67e72d0dce0c0e734c9867e3cf6c1dd529b1fd22713393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 11:40:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136699
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 08:34:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Mar 2024 11:40:12 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
2 KB
1 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=screencrush.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
464324cb16407d597cc1b6b88302232a3ecb49f37c9623d798ad12fb6ac86f11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
526
x-xss-protection
0
expires
Thu, 23 Mar 2023 13:48:01 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400italic,500,500italic,700,300italic,300%7CRoboto+Condensed:300,400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://screencrush.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options
nosniff
age
191422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:39 GMT
cogitoergosum
screencrush.com/rest/high/api/
22 B
135 B
Fetch
General
Full URL
https://screencrush.com/rest/high/api/cogitoergosum
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
server
nginx
etag
W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
content-length
22
expires
Thu, 23 Mar 2023 13:48:00 GMT
cogitoergosum
screencrush.com/rest/high/api/
22 B
89 B
Fetch
General
Full URL
https://screencrush.com/rest/high/api/cogitoergosum
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
server
nginx
etag
W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
content-length
22
expires
Thu, 23 Mar 2023 13:48:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1270926540&t=event&_s=2&dl=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&ul=en-us&de=UTF-8&dt=Nothing%20found%20for%20Spc%20%3Fwptouch_switch%3Dmobile%26redirect%3D%20Rianhabnonbuzz%20Ml%2072screencrush660UXE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=blogroll&ea=impression&el=sidebar_thumb_title_date&_u=6GDAAAADAAAAAGg~&jid=&gjid=&cid=1811574923.1679579281&tid=UA-115003007-4&_gid=1180523687.1679579281&cd1=ts_blogroll&cd2=Latest%20Movie%20%2B%20TV%20News&cd3=2&cd4=no&cd5=no&cd6=ts_blogroll-1283&did=i5iSjo&z=1535106396
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
70970
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1270926540&t=event&_s=3&dl=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&ul=en-us&de=UTF-8&dt=Nothing%20found%20for%20Spc%20%3Fwptouch_switch%3Dmobile%26redirect%3D%20Rianhabnonbuzz%20Ml%2072screencrush660UXE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=blogroll&ea=impression&el=sidebar_thumb_title_date&_u=6GDAAAADAAAAAGg~&jid=&gjid=&cid=1811574923.1679579281&tid=UA-115003007-4&_gid=1180523687.1679579281&cd1=ts_blogroll&cd2=Lists&cd3=4&cd4=no&cd5=no&cd6=ts_blogroll-1284&did=i5iSjo&z=1959790048
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
70970
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1a
i.clean.gg/
0
104 B
XHR
General
Full URL
https://i.clean.gg/1a
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1a
i.clean.gg/ Frame
0
0
Preflight
General
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://screencrush.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 23 Mar 2023 13:48:01 GMT
server
nginx/1.21.6
via
1.1 google
sdk.js
connect.facebook.net/en_US/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=99b503fa2a65ced18b083742ee59279d
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
09d23b69155c0f0a464570ca5d8793528a94a2dc673a09313b077c2fc91d4f73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://screencrush.com/
Origin
https://screencrush.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Mar 2023 13:48:01 GMT
content-md5
0Fk3qbnXjgfttHXsikXSmA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88589
x-fb-rlafr
0
x-fb-debug
HuT2x5jWsCw4giBXRRzNkpWyScsktRUNMGQHVhbH/vkhHtYmVDqnm4PLRCXES7U2+KsH6n9tlIKcR0VM7y9rgw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
2e190e0e767a7f8c7ac85001fa02d533
cross-origin-opener-policy
same-origin-allow-popups
etag
"965822c590313dc3083fde1517eb6ceb"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Mar 2024 13:00:41 GMT
cogitoergosum
screencrush.com/rest/high/api/
22 B
89 B
Fetch
General
Full URL
https://screencrush.com/rest/high/api/cogitoergosum
Requested by
Host: townsquare.media
URL: https://townsquare.media/public/dist/desktop/main.bundle.576396640674f421805c55696d3f5f17b454bbee.js?mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
server
nginx
etag
W/"16-hwbt/zjXQQMHygKQH7w48NgHuys"
x-powered-by
Express
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
x-ua-device
desktop
cache-control
no-cache
gdpr-source
DE
x-device
desktop
content-length
22
expires
Thu, 23 Mar 2023 13:48:00 GMT
collect
www.google-analytics.com/j/
3 B
23 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1270926540&t=event&_s=1&dl=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&ul=en-us&de=UTF-8&dt=Nothing%20found%20for%20Spc%20%3Fwptouch_switch%3Dmobile%26redirect%3D%20Rianhabnonbuzz%20Ml%2072screencrush660UXE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=adblock&ea=detection&el=off&_u=6GDAAAADAAAAAGg~&jid=816877952&gjid=991452952&cid=1811574923.1679579281&tid=UA-115003007-7&_gid=1180523687.1679579281&_r=1&_slc=1&did=i5iSjo&z=1774194637
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://screencrush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
232 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GGT2X929YG&l=dataLayer&cx=c
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f23a9152d3a1e3d35f8221b5fefde2b762439140dede20024f93ea1cb4829c44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81803
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Mar 2023 13:48:01 GMT
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 672C
320 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fscreencrush.com
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6794) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
665715
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Mar 2023 13:48:01 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6794)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-19109753-17&cid=1811574923.1679579281&jid=934092905&_u=YGBAgAADAAAAAE~&z=610746959
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-19109753-17&cid=1811574923.1679579281&jid=934092905&_u=YGBAgAADAAAAAE~&z=610746959
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-19109753-60&cid=1811574923.1679579281&jid=1413141092&_u=YGDAgAADAAAAAE~&z=1250658952
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-19109753-60&cid=1811574923.1679579281&jid=1413141092&_u=YGDAgAADAAAAAE~&z=1250658952
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-19109753-35&cid=1811574923.1679579281&jid=1562774194&_u=YGDAgAADAAAAAE~&z=477192818
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-19109753-35&cid=1811574923.1679579281&jid=1562774194&_u=YGDAgAADAAAAAE~&z=477192818
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attachment-attachment-loki-was-right-1-4-2.jpg
townsquare.media/site/442/files/2022/07/
12 KB
12 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2022/07/attachment-attachment-loki-was-right-1-4-2.jpg?w=300&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx / Express
Resource Hash
14f1438ef653c04f79b676b4146f6aa4b68ca9ef3c1165c337b5d76f0b3a1fb1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 varnish
age
0
x-powered-by
Express
x-cache
MISS
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
12394
last-modified
Fri, 08 Jul 2022 01:23:09 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
3400553923
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:48:00 GMT
attachment-mandalorian-chapter-20.jpg
townsquare.media/site/442/files/2023/03/
17 KB
17 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2023/03/attachment-mandalorian-chapter-20.jpg?w=300&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) / Express
Resource Hash
018a24a216c8b79ec9bd916f259073ff71a854d805b6a9c48c7323e2fc44caa3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 varnish
age
50440
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
17068
last-modified
Wed, 22 Mar 2023 22:33:46 GMT
server
ECS (frb/6711)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
3902334366 3902110201
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:48:00 GMT
attachment-BEST-MOVIES.jpg
townsquare.media/site/442/files/2023/03/
16 KB
16 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2023/03/attachment-BEST-MOVIES.jpg?w=300&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6795) / Express
Resource Hash
75807caaed3d3515900c83fe448815d7ce424692b99dfb8a6e54a85635448abc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 varnish
age
514854
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
16587
last-modified
Fri, 17 Mar 2023 14:46:29 GMT
server
ECS (frb/6795)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
3290080263
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:48:00 GMT
attachment-every-dc-film-ranked-2023.jpg
townsquare.media/site/442/files/2022/10/
22 KB
22 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2022/10/attachment-every-dc-film-ranked-2023.jpg?w=300&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) / Express
Resource Hash
865627ca9de67b472d856ed840ffd693c9dc5a2bebac886c3c59c6a7a6ebec7a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 varnish
age
601505
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
22597
last-modified
Thu, 16 Mar 2023 14:41:46 GMT
server
ECS (frb/6724)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
3268850479
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:48:00 GMT
attachment-tv-shows-that-couldnt-get-made-today.jpg
townsquare.media/site/442/files/2023/03/
19 KB
19 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2023/03/attachment-tv-shows-that-couldnt-get-made-today.jpg?w=300&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) / Express
Resource Hash
7f9921b1bfb6c284642ae04465bdf3aadffa380b55617fd4f4dab2cf25c4ef55
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 varnish
age
777168
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
19703
last-modified
Tue, 14 Mar 2023 13:55:07 GMT
server
ECS (frb/67BE)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
3741205810
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:48:00 GMT
attachment-worst-80s-movies-letterboxd-444.jpg
townsquare.media/site/442/files/2023/03/
11 KB
11 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2023/03/attachment-worst-80s-movies-letterboxd-444.jpg?w=300&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) / Express
Resource Hash
a6027f08af190d950299bfeaef9224db25e3e684d7f250577527c7b92889d439
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 varnish
age
1100418
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
11496
last-modified
Fri, 10 Mar 2023 20:07:39 GMT
server
ECS (frb/668B)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
3675516366 3675514126
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:48:00 GMT
attachment-jw4-unit-211022-00964-r.jpeg
townsquare.media/site/442/files/2023/03/
20 KB
20 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2023/03/attachment-jw4-unit-211022-00964-r.jpeg?w=300&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D5) / Express
Resource Hash
c6fe6523750e542e1f5a877b311acc915d85ccc9938a2edf7db330fbaae14715
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 varnish
age
252326
x-powered-by
Express
x-cache
HIT
x-carbon-image
streamed-queue
x-ua-device
desktop
x-device
desktop
content-length
20144
last-modified
Mon, 20 Mar 2023 15:42:35 GMT
server
ECS (frb/67D5)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
3857237399
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:48:00 GMT
attachment-shazam-2-mirren.jpeg
townsquare.media/site/442/files/2023/02/
26 KB
26 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2023/02/attachment-shazam-2-mirren.jpeg?w=300&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F3) / Express
Resource Hash
374de9468ecc666958cc68f9556aad13f86f5041b5f5d3780497b027adcf2187
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 varnish
age
659922
x-powered-by
Express
x-cache
HIT
x-carbon-image
streamed-queue
x-ua-device
desktop
x-device
desktop
content-length
26634
last-modified
Wed, 15 Mar 2023 22:43:08 GMT
server
ECS (frb/67F3)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
3769375471 3769205844
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:48:00 GMT
attachment-scream-vi-1.jpg
townsquare.media/site/442/files/2023/03/
8 KB
8 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2023/03/attachment-scream-vi-1.jpg?w=300&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) / Express
Resource Hash
b8c297067bf45604161019f2901ebe90a40e6b8c6c0a4e12328598b49b1f5ba4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 varnish
age
1290001
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
8091
last-modified
Wed, 08 Mar 2023 15:27:44 GMT
server
ECS (frb/6762)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
3633409836
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:48:00 GMT
top5_XMEN_NEVER_MADE.png
townsquare.media/site/442/files/2017/02/
60 KB
60 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2017/02/top5_XMEN_NEVER_MADE.png?w=300&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) / Express
Resource Hash
82cb810a8d8f5dd9b5aa168bc380a360d644969bd9e6dc39995debe964418398
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
B
date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 varnish
age
1654326
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
61051
last-modified
Tue, 12 Apr 2022 06:22:52 GMT
server
ECS (frb/67A7)
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-varnish
3043273775
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:48:00 GMT
top5_BATMAN_MOMENTS.png
townsquare.media/site/442/files/2017/02/
64 KB
64 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2017/02/top5_BATMAN_MOMENTS.png?w=300&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) / Express
Resource Hash
7d70692cac884866a6bfc2255a19c7e3fff39c69a5882e708fcd2a599de02c97
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 varnish
age
1654325
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
65817
last-modified
Tue, 12 Apr 2022 06:22:52 GMT
server
ECS (frb/67C2)
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-varnish
3043273845
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:48:00 GMT
top5_STAR_WARS_RECUT.png
townsquare.media/site/442/files/2017/01/
72 KB
72 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2017/01/top5_STAR_WARS_RECUT.png?w=300&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) / Express
Resource Hash
3e9b699efbada06bdb20a707f49176109c3d13ba7937afb97fb97eeacaae9bd9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 varnish
age
1654325
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
73584
last-modified
Tue, 12 Apr 2022 06:22:52 GMT
server
ECS (frb/6712)
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
x-varnish
3043273852
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:48:00 GMT
o-LINCOLN-REVIEW-facebook.jpg
townsquare.media/site/442/files/2016/11/
12 KB
12 KB
Image
General
Full URL
https://townsquare.media/site/442/files/2016/11/o-LINCOLN-REVIEW-facebook.jpg?w=300&q=75
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6796) / Express
Resource Hash
109c05b8137b27c41b811f3da07369468f9a4ca8507df86c6e0e192325235906
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 varnish
age
1752677
x-powered-by
Express
x-cache
HIT
x-carbon-image
compressed-gm
x-ua-device
desktop
x-device
desktop
content-length
12457
last-modified
Tue, 12 Apr 2022 06:22:52 GMT
server
ECS (frb/6796)
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
3533575021
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:48:00 GMT
pinit_main.js
assets.pinterest.com/js/
66 KB
19 KB
Script
General
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.0764756939321638
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:887::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

akamai-x-true-ttl
300
content-encoding
br
x-cdn
akamai
etag
"3725764cf05d1a0938de73d398772331"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=181
accept-ranges
bytes
content-length
18679
impl.20230323-7-RELEASE.js
cdn.taboola.com/libtrc/
740 KB
155 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20230323-7-RELEASE.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
1a7eefdf598c9192044b770b3c7aca913cc5715039a70b2d7ab5cafa7b1f55eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
qRMky1GO9qRS.OwQfFKaTGMQHjdpxPSj
content-encoding
br
via
1.1 varnish
date
Thu, 23 Mar 2023 13:48:01 GMT
x-amz-request-id
SKEW4069W8Y7SNYB
age
11755
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
158244
x-amz-id-2
lrPT1xANwfzVahwYIZFA7FK6BES++V4j2n+6sJbQrR08INXU5WxIjAZwb8Ag4+t9KrLvqdHFFeU=
x-served-by
cache-fra-eddf8230086-FRA
last-modified
Thu, 23 Mar 2023 10:30:50 GMT
server
AmazonS3-br
x-timer
S1679579281.237207,VS0,VE0
etag
"e69c98e2035344ea60fc6184f5943289"
vary
Accept-Encoding
content-type
application/javascript
abp
17
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
32188
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 01:19:46 GMT
content-encoding
gzip
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
44896
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
OpISrWi-gYzVMa0_o2fJQlg81utyxucsFmxx8Pc0zmaHgJdP39TyRQ==
www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 567C
38 KB
6 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=screencrush&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fscreencrush.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channel=screencrush&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fscreencrush.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 17:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
418763
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6066
x-xss-protection
0
last-modified
Wed, 18 Nov 2020 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 17 Mar 2024 17:28:38 GMT
www-subscribe-embed_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 567C
252 KB
72 KB
Script
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channel=screencrush&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fscreencrush.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?usegapi=1&channel=screencrush&count=hidden&layout=default&theme=default&origin=https%3A%2F%2Fscreencrush.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 17:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
418763
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73785
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 17 Mar 2024 17:28:38 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/
54 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.242.211 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-242-211.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 23 Mar 2023 14:03:01 GMT
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/
0
456 B
XHR
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.32.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-32-203.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 23 Mar 2023 13:48:01 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
headerstats
as-sec.casalemedia.com/
0
498 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=254982&u=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186854-113710634486999.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwXUJ86fhqwws7DVN1bA1lnzKTSBVYLvJhcQlxWvx34KWpuEsd5195Aw%2FImG8LACMRC2pow7X77yED2zunOWCLxckFjW9QoO9nkzRsCl2WYsttSgE60WnqhcVI7mjCe5x9%2FwtMSSnVs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://screencrush.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ac7212c8edc9b94-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame
0
0
Preflight
General
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.32.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-32-203.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://screencrush.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 23 Mar 2023 13:48:01 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 567C
156 B
277 B
Image
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Sep 2020 20:15:00 GMT
server
sffe
age
70970
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
156
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 21 Mar 2024 18:05:11 GMT
bid
aax.amazon-adsystem.com/e/dtb/
64 B
502 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&pid=PbSfRMUJyJcGj&cb=0&ws=1600x1200&v=23.320.1710&t=2000&slots=%5B%7B%22sd%22%3A%22tsm-ad-970a%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2Ftsm-ad-970a%22%2C%22kv%22%3A%7B%7D%7D%2C%7B%22sd%22%3A%22tsm-ad-728a%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2Ftsm-ad-728a%22%2C%22kv%22%3A%7B%7D%7D%2C%7B%22sd%22%3A%22tsm-ad-728b%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2Ftsm-ad-728b%22%2C%22kv%22%3A%7B%7D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.99.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-99-209.prg50.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-amz-rid
A1PH7XGK0WQBTTHRYMKN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://screencrush.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
uiv1HDG-6H6y3HTsWb6cG9lFNa-TXDPZC3A53Tc6XJ-gq4Rga4o0Yg==
bid
aax.amazon-adsystem.com/e/dtb/
64 B
501 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&pid=PbSfRMUJyJcGj&cb=1&ws=1600x1200&v=23.320.1710&t=2000&slots=%5B%7B%22sd%22%3A%22tsm-ad-300a%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2Ftsm-ad-300a%22%2C%22kv%22%3A%7B%7D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.99.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-99-209.prg50.r.cloudfront.net
Software
Server /
Resource Hash
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-amz-rid
DRMSHJCCEK8C9N8BR26K
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://screencrush.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
RCelvDxY_K7FMsft4__nt_zdhOrgK4Ue77JlitFlXZOemiI5b0nSvA==
bid
aax.amazon-adsystem.com/e/dtb/
64 B
501 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&pid=PbSfRMUJyJcGj&cb=2&ws=1600x1200&v=23.320.1710&t=2000&slots=%5B%7B%22sd%22%3A%22tsm-ad-300b%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2Ftsm-ad-300b%22%2C%22kv%22%3A%7B%7D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.99.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-99-209.prg50.r.cloudfront.net
Software
Server /
Resource Hash
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-amz-rid
B0KZRNZ1Q1Z5VCMNFQPD
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://screencrush.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
bmaoAlLCi2Eflorc-6eCCL7eJPeek2-E4JQARh_0Q-Ef1sdJbtPE8w==
bid
aax.amazon-adsystem.com/e/dtb/
64 B
502 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3227&u=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&pid=PbSfRMUJyJcGj&cb=3&ws=1600x1200&v=23.320.1710&t=2000&slots=%5B%7B%22sd%22%3A%22tsm-ad-300c%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2Ftsm-ad-300c%22%2C%22kv%22%3A%7B%7D%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.99.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-99-209.prg50.r.cloudfront.net
Software
Server /
Resource Hash
e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
x-amz-rid
N3N1TQS19NKHY3NQE08F
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://screencrush.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
LHsf2G3WDytie3k2WAfpL8ZGiiC0jPsOowzjAAkN8OtMvKTAPhEmDw==
8328825
fundingchoicesmessages.google.com/i/
133 KB
45 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/8328825?ers=3
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bb1cc21e247d8fd887e42444a586793d7ef95f34358399f4cca21a30c5687f84
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-u0uZmz4cr9gv8SXp01fbqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-u0uZmz4cr9gv8SXp01fbqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
postmessageRelay
accounts.google.com/o/oauth2/ Frame 83ED
565 B
809 B
Document
General
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fscreencrush.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2962c93750c8aa352c52532315c935b5949deef67b1f8c41a6ff1578a8a34b82
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-eM-yY_BK_Akn3OccCvQyLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-eM-yY_BK_Akn3OccCvQyLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type
text/html; charset=utf-8
date
Thu, 23 Mar 2023 13:48:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/
0
253 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JH4B2T8ZH6&gtm=45je33k0&_p=1270926540&_gaz=1&cid=1811574923.1679579281&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679579281&sct=1&seg=0&dl=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&dt=Nothing%20found%20for%20Spc%20%3Fwptouch_switch%3Dmobile%26redirect%3D%20Rianhabnonbuzz%20Ml%2072screencrush660UXE&en=page_view&_fv=1&_ss=1&ep.call_sign=ScreenCrush&ep.site_classification=National&ep.genre=movies-tv&ep.market=National&ep.site_type=National&ep.tags=&ep.categories=&ep.gtm_version=52&ep.page_type=404&ep.author=&ep.publish_date=&ep.view_type=standard&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://screencrush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
45 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-GGT2X929YG&gtm=45je33k0&_p=1270926540&_gaz=1&cid=1811574923.1679579281&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679579281&sct=1&seg=0&dl=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&dt=Nothing%20found%20for%20Spc%20%3Fwptouch_switch%3Dmobile%26redirect%3D%20Rianhabnonbuzz%20Ml%2072screencrush660UXE&en=page_view&_fv=1&_ss=1&ep.call_sign=ScreenCrush&ep.site_classification=National&ep.genre=movies-tv&ep.market=National&ep.site_type=National&ep.tags=&ep.categories=&ep.gtm_version=52&ep.page_type=404&ep.author=&ep.publish_date=&ep.view_type=standard&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://screencrush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GGT2X929YG&cid=1811574923.1679579281&gtm=45je33k0&aip=1
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://screencrush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GGT2X929YG&cid=1811574923.1679579281&gtm=45je33k0&aip=1&z=250304157
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
settings
syndication.twitter.com/ Frame 672C
663 B
605 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=90d2274c050a1e35ccb2a8a8b51bea4bee2479ec
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fscreencrush.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-response-time
105
date
Thu, 23 Mar 2023 13:48:00 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Thu, 23 Mar 2023 13:48:01 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
471ba9a1e6b82dd7
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
c4c8438a51efed291cbbaa9da9219359ba674bffb8f85c3ebe2b0d28e30f82b6
content-length
284
teju-webclient.min.js
static.solutionshindsight.net/teju-webclient/
92 KB
28 KB
Script
General
Full URL
https://static.solutionshindsight.net/teju-webclient/teju-webclient.min.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-6.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a3233a579da50ea2aabd916df328d3a4450c41924c7f2ccf8bbfaf4daa581a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:02 GMT
content-encoding
gzip
via
1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 17:43:38 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
etag
"493aed28786a26b5f276c966c7aa27f0"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
28149
x-amz-cf-id
qHJEjvb4NNU8wQlxnz68yfVMFtFd7S0nLHQoJcSX-4mEaoIujqc82w==
tag.js
a.teads.tv/analytics/
11 KB
4 KB
Script
General
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id
HNCSKCWQWXG97WK0
etag
"6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3391
x-amz-id-2
IV/iLOAQ+TdvPm0JAyzhJQxobzxqmSyx3tgyvedXApyIuggDD79cfSq/MxhZLcL446xj8+GKrkw=
pbjs
htlb.casalemedia.com/openrtb/
36 B
568 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=257438
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d9a291757ca2c611ebd90212efaaa0f2ce53908cbcb5ed6679b671c3a9f0c16

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4E%2F8hay4Lug7atdqwZETS0%2F4sEvTCBtGjTPQlQ7aHCuBGFRedpNmf1DVh6%2BCeABwAzmNE%2BC5LVxIlRUTMcPwxJgziTWVpDN88yfq%2BtFCuQ8DKw8FBM010vyt%2Btq9o6scFZQwMCif"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://screencrush.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ac7212dfd200493-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
hb
hb.undertone.com/
0
559 B
XHR
General
Full URL
https://hb.undertone.com/hb?pid=2552&domain=screencrush.com
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-106.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://screencrush.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
x-amz-cf-id
O_w-4GBh-1azJmaGorDwrzTtm4iTlE3XZkah1HE8eHwr_BpWcdVKIA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/
19 B
505 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.36.0&referrer=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&tmax=2000
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.195.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-195-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://screencrush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v2
e.serverbid.com/api/
16 B
201 B
XHR
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://screencrush.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
prebid
ib.adnxs.com/ut/v3/
472 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
acf80af758efd9badc67bd14a3ea03f357c66ccb5532514ec356318d6c6ab742
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:01 GMT
AN-X-Request-Uuid
69fb3e62-36e9-48f3-8124-3c7ea2d4a080
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://screencrush.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
472
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
59 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://screencrush.com
date
Thu, 23 Mar 2023 13:48:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/
338 B
318 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d9a7517e138a924d16140fbc534bd50783da481206bdfeaa84f64888ce9f9c2e

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://screencrush.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 23 Mar 2023 13:48:01 GMT
arj
townsquaremedia-d.openx.net/w/1.0/
73 B
377 B
XHR
General
Full URL
https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=367f6406-a3fd-4d40-9462-b4444f73dc48%2Ca2da28f1-c272-4840-865b-8b22b622fab7%2Cb7387b2d-b67d-4b44-8092-27f068958c19&nocache=1679579281503&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&aus=728x90%7C728x90%7C970x250&divids=tsm-ad-728a%2Ctsm-ad-728b%2Ctsm-ad-970a&aucs=%252F8328825%252Fnational%252FScreenCrush%252F404%2523tsm-ad-728a%2C%252F8328825%252Fnational%252FScreenCrush%252F404%2523tsm-ad-728b%2C%252F8328825%252Fnational%252FScreenCrush%252F404%2523tsm-ad-970a&auid=540963438%2C540963438%2C540963440&aumfs=250%2C250%2C250
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
93c49eb7a1b379a2eaed44b734895c41b2b8d2c2709c4f9630ac7ee719e6dfb7

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://screencrush.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
imp
g2.gumgum.com/hbid/
865 B
1019 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1679579281505&to=0&aun=tsm-ad-728a&gpid=%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-728a&maxw=728&maxh=90&si=9106&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.36.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.209.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-209-85.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
92abfa02948c61520e4497857195f280b5ff78e5f3783fd50dd736f338b55c3f

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://screencrush.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
865 B
1022 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1679579281506&to=0&aun=tsm-ad-728b&gpid=%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-728b&maxw=728&maxh=90&si=9107&pi=3&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.36.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.209.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-209-85.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
056402395b15f9f69b3eb9177664f4632bb055c46c2444f36a6f3fd9f4e2511c

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://screencrush.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
450 B
783 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173182&zone_id=836148&size_id=2&p_pos=atf&rf=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&kw=tsm-ad-728a&tg_i.page=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&tg_i.domain=screencrush.com&tg_i.pbadslot=%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-728a&tk_flint=pbjs_lite_v7.36.0&x_source.tid=367f6406-a3fd-4d40-9462-b4444f73dc48&l_pb_bid_id=40ba1381fc6bb89&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-728a&slots=1&rand=0.6319338156099752
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1dfdbee98b262621960d3b06baabd805283cd8256d3ae541f6b3c0def4c02a92

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://screencrush.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
450
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
450 B
783 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173182&zone_id=836148&size_id=2&rf=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&kw=tsm-ad-728b&tg_i.page=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&tg_i.domain=screencrush.com&tg_i.pbadslot=%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-728b&tk_flint=pbjs_lite_v7.36.0&x_source.tid=a2da28f1-c272-4840-865b-8b22b622fab7&l_pb_bid_id=416e10bb87a3b8b&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-728b&slots=1&rand=0.15566156748011672
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
229ddc02054f87718673c4948d6c801859ba1c4944633088224ae23336641ad6

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://screencrush.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
450
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
451 B
1010 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173182&zone_id=836148&size_id=57&p_pos=atf&rf=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&kw=tsm-ad-970a&tg_i.page=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&tg_i.domain=screencrush.com&tg_i.pbadslot=%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-970a&tk_flint=pbjs_lite_v7.36.0&x_source.tid=b7387b2d-b67d-4b44-8092-27f068958c19&l_pb_bid_id=426a9f5f7d381e3&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-970a&slots=1&rand=0.28433785533180767
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d69b4856c064a3d481301694c8adc94ffef9d13cc2194098b47bedf555b1becb

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://screencrush.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
451
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
krk.kargo.com/api/v2/
2 B
650 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22b62874ba-f6ea-4d82-ab04-20d33a286a4d%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1679579281511%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%224809dc3240ca69c%22%3A%22_wPlmCMrvTH%22%2C%2249921efe973dc56%22%3A%22_wPlmCMrvTH%22%2C%2250963a0c1bf11a1%22%3A%22_wPlmCMrvTH%22%7D%2C%22bidSizes%22%3A%7B%224809dc3240ca69c%22%3A%5B%5B728%2C90%5D%5D%2C%2249921efe973dc56%22%3A%5B%5B728%2C90%5D%5D%2C%2250963a0c1bf11a1%22%3A%5B%5B970%2C250%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22367f6406-a3fd-4d40-9462-b4444f73dc48%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%22%7D%2C%22pbadslot%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-728a%22%7D%2C%22gpid%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-728a%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728a%22%2C%22transactionId%22%3A%22367f6406-a3fd-4d40-9462-b4444f73dc48%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%224809dc3240ca69c%22%2C%22bidderRequestId%22%3A%2247d05c42a51a33e%22%2C%22auctionId%22%3A%22971fa084-b5fa-4dbc-933d-30308c8a1895%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22requestBids.usp%22%3A0.10000038146972656%2C%22requestBids.validate%22%3A0.2999992370605469%2C%22requestBids.makeRequests%22%3A4%2C%22adapter.client.validate%22%3A0.09999942779541016%2C%22adapters.client.kargo.validate%22%3A0.09999942779541016%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE%22%2C%22domain%22%3A%22screencrush.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22screencrush.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22a2da28f1-c272-4840-865b-8b22b622fab7%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%22%7D%2C%22pbadslot%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-728b%22%7D%2C%22gpid%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-728b%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-728b%22%2C%22transactionId%22%3A%22a2da28f1-c272-4840-865b-8b22b622fab7%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%2249921efe973dc56%22%2C%22bidderRequestId%22%3A%2247d05c42a51a33e%22%2C%22auctionId%22%3A%22971fa084-b5fa-4dbc-933d-30308c8a1895%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22requestBids.usp%22%3A0.10000038146972656%2C%22requestBids.validate%22%3A0.2999992370605469%2C%22requestBids.makeRequests%22%3A4%2C%22adapter.client.validate%22%3A0.09999942779541016%2C%22adapters.client.kargo.validate%22%3A0.09999942779541016%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE%22%2C%22domain%22%3A%22screencrush.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22screencrush.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_wPlmCMrvTH%22%7D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22b7387b2d-b67d-4b44-8092-27f068958c19%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%22%7D%2C%22pbadslot%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-970a%22%7D%2C%22gpid%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-970a%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B970%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-970a%22%2C%22transactionId%22%3A%22b7387b2d-b67d-4b44-8092-27f068958c19%22%2C%22sizes%22%3A%5B%5B970%2C250%5D%5D%2C%22bidId%22%3A%2250963a0c1bf11a1%22%2C%22bidderRequestId%22%3A%2247d05c42a51a33e%22%2C%22auctionId%22%3A%22971fa084-b5fa-4dbc-933d-30308c8a1895%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22requestBids.usp%22%3A0.10000038146972656%2C%22requestBids.validate%22%3A0.2999992370605469%2C%22requestBids.makeRequests%22%3A4%2C%22adapter.client.validate%22%3A0.09999942779541016%2C%22adapters.client.kargo.validate%22%3A0.09999942779541016%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE%22%2C%22domain%22%3A%22screencrush.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22screencrush.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.124.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-124-102.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:01 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://screencrush.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
bid-request
a.teads.tv/hb/
16 B
389 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://screencrush.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 23 Mar 2023 13:48:01 GMT
trinity.json
apex.go.sonobi.com/
136 B
1 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2256abb32ee43e317%22%3A%22bd9353b0b56f14676b5d%7C728x90%7Cgpid%3D%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-728a%2Cc%3Dd%2C%22%2C%2257f6b45bd7819e5%22%3A%22c99a69f0d282bf033c3f%7C728x90%7Cgpid%3D%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-728b%2Cc%3Dd%2C%22%2C%225858d6640ba27f%22%3A%22f77cce5412c0bdd56dca%7C970x250%7Cgpid%3D%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-970a%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&s=6cb546ad-f2b5-42cd-855b-375d08d8d4d6&pv=80c15831-a349-4682-bbf6-fb5a4d788f19&vp=desktop&lib_name=prebid&lib_v=7.36.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE%22%2C%22domain%22%3A%22screencrush.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22screencrush.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&coppa=0
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
295275b4ed33d154c7f1ee12b4cadefe52bb73b0ae10710e36c9f51dd0ff63b7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:01 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-50
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://screencrush.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
132
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
krk.kargo.com/api/v2/
2 B
678 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22b62874ba-f6ea-4d82-ab04-20d33a286a4d%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1679579281517%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22602571881a63b89%22%3A%22_aDJRj7ybNG%22%7D%2C%22bidSizes%22%3A%7B%22602571881a63b89%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%229cebcd3f-c77c-48f3-9196-d486ee4d8873%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%22%7D%2C%22pbadslot%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300a%22%7D%2C%22gpid%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300a%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300a%22%2C%22transactionId%22%3A%229cebcd3f-c77c-48f3-9196-d486ee4d8873%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%22602571881a63b89%22%2C%22bidderRequestId%22%3A%22592d4578939349f%22%2C%22auctionId%22%3A%221d1b5c2c-9374-43e8-a9ed-b343a528e657%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22requestBids.usp%22%3A0.19999980926513672%2C%22requestBids.validate%22%3A0.10000038146972656%2C%22requestBids.makeRequests%22%3A1.1000003814697266%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE%22%2C%22domain%22%3A%22screencrush.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22screencrush.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.124.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-124-102.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:01 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://screencrush.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Krk-No-Bid-Reason
consent
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
hb
hb.undertone.com/
0
559 B
XHR
General
Full URL
https://hb.undertone.com/hb?pid=2552&domain=screencrush.com
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-106.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://screencrush.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
x-amz-cf-id
aboGg2IdINncoh_gFZQgcTD9I2JZ_kE1gxO53-bDDBSqKAkVpWEDnA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
116 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://screencrush.com
date
Thu, 23 Mar 2023 13:47:59 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/
865 B
1021 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1679579281519&to=0&aun=tsm-ad-300a&gpid=%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300a&maxw=300&maxh=600&si=9103&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.36.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.209.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-209-85.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c47456b9566b0f3776e0645e7b885b9c9b6ac9bf06140689165306ea1d5db1a1

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://screencrush.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
trinity.json
apex.go.sonobi.com/
820 B
2 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%227072e20dc02569a%22%3A%22e4cc28fe00d33a22ec11%7C300x250%2C300x600%7Cgpid%3D%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300a%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&s=321ca0ed-a573-4e2e-869c-0954fc0199db&pv=80c15831-a349-4682-bbf6-fb5a4d788f19&vp=desktop&lib_name=prebid&lib_v=7.36.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE%22%2C%22domain%22%3A%22screencrush.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22screencrush.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&coppa=0
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
dc2fd9d659522306153c27c31a5482cfe8ba2714a12d63a5b69961a38a6ee832
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:02 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-99
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://screencrush.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
476
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/
19 B
506 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.36.0&referrer=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&tmax=2000
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.195.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-195-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
accept-ch
sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width
content-type
application/json; charset=utf-8
access-control-allow-origin
https://screencrush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v2
e.serverbid.com/api/
16 B
389 B
XHR
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://screencrush.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
prebid
prebid.media.net/rtb/
338 B
601 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a296023a180e4ffaa92ee13db4384b04b986c8d8ccb047946e1a7217473aa676

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://screencrush.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 23 Mar 2023 13:48:01 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
471 B
801 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173182&zone_id=836148&size_id=15&alt_size_ids=10&p_pos=atf&rf=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&kw=tsm-ad-300a&tg_i.page=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&tg_i.domain=screencrush.com&tg_i.pbadslot=%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300a&tk_flint=pbjs_lite_v7.36.0&x_source.tid=9cebcd3f-c77c-48f3-9196-d486ee4d8873&l_pb_bid_id=78929758640b35d&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300a&slots=1&rand=0.11856487429934681
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
efd0be33f9092f48675b10fb43ca7a99a99b16ce8231327b542509502ed21a50

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://screencrush.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
471
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/
37 B
314 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=257435
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448bf7d2721b0d116937b586b88ba7a3008edaa9a4bfaf254f4a3d73ae5587f0

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pi7btLyIbdk%2Bib4PtkTMyTivmZZ4U4rk%2BwD1OHR5EyU2aK3byUqYtzfzB7zjfCrnvzLnIV%2B%2Ffm2DxLIDfkrZhaKUgGIq43mta6Ozx47EzBbuB3ghibmY%2Fv6U2x0iG81e1eia7UN8"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://screencrush.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ac7212dfd260493-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bid-request
a.teads.tv/hb/
16 B
389 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:03 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://screencrush.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 23 Mar 2023 13:48:03 GMT
arj
townsquaremedia-d.openx.net/w/1.0/
73 B
145 B
XHR
General
Full URL
https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9cebcd3f-c77c-48f3-9196-d486ee4d8873&nocache=1679579281524&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&aus=300x250%2C300x600&divids=tsm-ad-300a&aucs=%252F8328825%252Fnational%252FScreenCrush%252F404%2523tsm-ad-300a&auid=540963437&aumfs=250
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a00ea2b109201b63ed58354dbf97508412d4bdfbb0725b8c8b2357d69e4b91af

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://screencrush.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
138 B
943 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6fa031e2604f8c454f5975f1451a613815695e469525449d7af45ef198b6b8ee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:01 GMT
AN-X-Request-Uuid
dfc99548-102c-4c98-989c-012a0ab267b4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://screencrush.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/ Frame 567C
134 KB
45 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
190f26b6ca8a373b93ebb537988f426953885e75816de2ef852f03f63a71e4c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 17:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45755
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 16:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Mar 2024 17:18:46 GMT
sync
gum.criteo.com/
46 B
288 B
Script
General
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
427273
expires
60
cspreport
accounts.google.com/o/ Frame 83ED
0
250 B
Other
General
Full URL
https://accounts.google.com/o/cspreport
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-gSZ0JDRnhIc17ICyITlCAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fscreencrush.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-gSZ0JDRnhIc17ICyITlCAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
611095756-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame 83ED
10 KB
5 KB
Script
General
Full URL
https://ssl.gstatic.com/accounts/o/611095756-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fscreencrush.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f173bffef77f251b9bea649b2ac1ce118c9b1daf0fc812bf22cba42a3a7bc293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 18 Mar 2023 21:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
402767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4526
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 20:10:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="federated-signon-mpm-access"
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Mar 2024 21:55:14 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame 83ED
17 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fscreencrush.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6c73a03dc02abde16f105eb0ab4f624075e1ea82e650f6b60df652b29fed690
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Mar 2023 13:48:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6900
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"18dba4376e9aa145"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Mar 2023 13:48:01 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=856098531951831&input_token&origin=1&redirect_uri=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&sdk=joey&wants_cookie_data=false
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Thu, 23 Mar 2023 13:48:01 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
WLOv/NgASYKfzWQPejY+0yKTr/5f6RnCX41qRUP8ou/q2kgnKAtqRaHGa6TSKdye2mDyZ+u72Wco4iSuDMhkbA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://screencrush.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
b
sb.scorecardresearch.com/
0
225 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1679579281698&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&c8=Nothing%20found%20for%20Spc%20%3Fwptouch_switch%3Dmobile%26redirect%3D%20Rianhabnonbuzz%20Ml%2072screencrush660UXE&c9=
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
G_DRBrus_NIk8u91z_h6l_s4-oXSfHb9bMzvX6OsWnYjb-QO6bE4MQ==
x-cache
Miss from cloudfront
AGSKWxUztnBh50dpvBJedb7gyqswdc3jKYmd5Lfn0LNw3u7-dsF7czpcrAbh1y2Ijhehhd0K3atlrznvlrVk_DFk3-4=
fundingchoicesmessages.google.com/f/
340 KB
48 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUztnBh50dpvBJedb7gyqswdc3jKYmd5Lfn0LNw3u7-dsF7czpcrAbh1y2Ijhehhd0K3atlrznvlrVk_DFk3-4=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc5NTc5MjgxLDc5OTAwMDAwMF0sIjY2NEY5QjI1LUVCQjYtNEUzQi1CMEMzLUFENzQ3MzMwNjQ2MiIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vc2NyZWVuY3J1c2guY29tL3NwYy8iLG51bGwsW1s4LCIzdW93YTZMNWM4QSJdLFs5LCJkZSJdXV0
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e81cba87ee29acd5dd790a9704e2baa2aec7cf116b8ce61c031ac43bd38c5082
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SsLVwIrViN2YF3aGPyIHaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SsLVwIrViN2YF3aGPyIHaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
fpc
at.teads.tv/
0
338 B
XHR
General
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_19545&tfpvi=&gdpr_status=21&gdpr_reason=240&gdpr_consent=&ccpa_consent=1---&shared_ids=&sv=8480ba3&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:02 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://screencrush.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 23 Mar 2023 13:48:02 GMT
button.e7f9415a2e000feaab02c86dd5802747.js
platform.twitter.com/js/
8 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 13:48:01 GMT
Content-Encoding
gzip
Age
665715
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2618
Last-Modified
Tue, 24 Jan 2023 21:41:06 GMT
Server
ECS (frb/6776)
Etag
"506673dbdb9085e7201e137e893cc152+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/ Frame 83ED
58 KB
20 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88bbc4ebfcf9a284985af6d84ff1e7cf313314a72ba1e327a8c7ece5d476a621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 11:42:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20939
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 16:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Mar 2024 11:42:19 GMT
cb=gapi.loaded_2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/
27 KB
9 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/cb=gapi.loaded_2?le=scs
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d67a85dad8ec48546000be4776533595f7f224f7fe7ecae8e4f719e3fef8748c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 17:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246555
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9172
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 16:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Mar 2024 17:18:46 GMT
tag
btloader.com/
51 KB
13 KB
Script
General
Full URL
https://btloader.com/tag?o=5642230212591616&upapi=true
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7591ee21704a922a3dcaea04873344a8f4f5a2ec33239184b1bc88b0fa7e5083

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Mar 2023 12:50:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3246
etag
W/"ff1d4a126a92ac35d4a750a74e837a62"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEaPmki1FGZ0Ai9%2FePYob2La5RtkeLSLyv6PjozTxxMOkBizEKYtM8iEhfz%2FdhrPlSoOJguSvRqJ1ipJff%2FDZxIXBKcbs7LPiC4wZtJQdakWJqbyV7klU82L8wQSnTRKi1IxZ%2FQ36eV7Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7ac7213069ab2c3b-FRA
nsjs
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=ScreenCrush&ncv=24
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=ScreenCrush&ncv=24
5 B
229 B
Script
General
Full URL
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=ScreenCrush&ncv=24
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Server
2606:4700::6812:16ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=ISO-8859-1
content-language
de-DE
access-control-allow-origin
*
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
cf-ray
7ac721348eea9c01-FRA

Redirect headers

location
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=ScreenCrush&ncv=24
access-control-allow-origin
*
date
Thu, 23 Mar 2023 13:48:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ac721321ab19c01-FRA
content-type
text/html; charset=iso-8859-1
nsjs
action.media6degrees.com/orbserv/
Redirect Chain
  • https://action.dstillery.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
  • https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
5 B
143 B
Script
General
Full URL
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Server
2606:4700::6812:16ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=ISO-8859-1
content-language
de-DE
access-control-allow-origin
*
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
cf-ray
7ac721349f199c01-FRA

Redirect headers

location
https://action.media6degrees.com/orbserv/nsjs?adv=cl1016361&ns=3141&nc=all_tsm_sv&ncv=24
access-control-allow-origin
*
date
Thu, 23 Mar 2023 13:48:02 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7ac721321ab29c01-FRA
content-type
text/html; charset=iso-8859-1
bid-request
a.teads.tv/hb/
16 B
389 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://screencrush.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 23 Mar 2023 13:48:01 GMT
prebid
ib.adnxs.com/ut/v3/
139 B
944 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
16ee4ff5945079334aa2a15238761bda72faa34e55db581e9bbca4ab3735301c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:01 GMT
AN-X-Request-Uuid
5963b734-c9d5-48f0-9019-8ecd619f427a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://screencrush.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
hb.undertone.com/
0
559 B
XHR
General
Full URL
https://hb.undertone.com/hb?pid=2552&domain=screencrush.com
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-106.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:02 GMT
via
1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://screencrush.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
x-amz-cf-id
D6BpFjtEUv12jJR1gIK0WA-zE-cxb3r1TdB3kzgC7g0AvKh0DrzylA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
59 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://screencrush.com
date
Thu, 23 Mar 2023 13:48:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
trinity.json
apex.go.sonobi.com/
820 B
2 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2298cc9e61e4b72eb%22%3A%226b6633e60f015d2cf44c%7C300x250%7Cgpid%3D%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300b%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&s=26969c72-2a89-4a1e-81c1-27d0a8c2f428&pv=80c15831-a349-4682-bbf6-fb5a4d788f19&vp=desktop&lib_name=prebid&lib_v=7.36.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE%22%2C%22domain%22%3A%22screencrush.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22screencrush.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&coppa=0
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
fff4071eb0bead4bed72ef86e072159a4a62cc1cd4bb4237425e1616dd4fb8aa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:02 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-120
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://screencrush.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
476
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
arj
townsquaremedia-d.openx.net/w/1.0/
73 B
145 B
XHR
General
Full URL
https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f72074dd-da37-4174-8bd7-92f458601f6d&nocache=1679579281901&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&aus=300x250&divids=tsm-ad-300b&aucs=%252F8328825%252Fnational%252FScreenCrush%252F404%2523tsm-ad-300b&auid=540963437&aumfs=250
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3e7d038de793c3bea61d998788604d6a76f558efa082ed58a04e5677dfb4fc2b

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://screencrush.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/
14 KB
5 KB
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.36.0&referrer=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&tmax=2000
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.195.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-195-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ad2ef6c02a4368f01e9a300b742cbd38689e4076a9383fa81bf4b3250aeab20c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:02 GMT
content-encoding
gzip
accept-ch
sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://screencrush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
4954
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
htlb.casalemedia.com/openrtb/
38 B
334 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=257436
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec3930c3e916897bc11719c0b11ccbad1e2cbd064d0b298383d5336d71f8884c

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNMPRlzSIg89IIDtsl66Q7SQi15eZbIImbjNYcyRcm6WhESoC%2Fm5qOScEC3r%2BbMLoLbtXQHBXr9r6zjxvdFpGg2MRSCzanrDDIMO12rCn59j28Ko1XtFMSd3o7xZmCTOeOIi6Yos"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://screencrush.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ac7213009d30493-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
451 B
509 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173182&zone_id=836148&size_id=15&rf=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&kw=tsm-ad-300b&tg_i.page=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&tg_i.domain=screencrush.com&tg_i.pbadslot=%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300b&tk_flint=pbjs_lite_v7.36.0&x_source.tid=f72074dd-da37-4174-8bd7-92f458601f6d&l_pb_bid_id=108ae77cc27027c2&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300b&slots=1&rand=0.6525704273899784
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
918f1fdc3c4127d0272d1f3aff75791333c98119ba57b965774f8d847b7752f3

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://screencrush.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
451
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
krk.kargo.com/api/v2/
2 B
678 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22b62874ba-f6ea-4d82-ab04-20d33a286a4d%22%2C%22requestCount%22%3A2%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1679579281904%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22110f5d779d505118%22%3A%22_aDJRj7ybNG%22%7D%2C%22bidSizes%22%3A%7B%22110f5d779d505118%22%3A%5B%5B300%2C250%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22f72074dd-da37-4174-8bd7-92f458601f6d%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%22%7D%2C%22pbadslot%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300b%22%7D%2C%22gpid%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300b%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300b%22%2C%22transactionId%22%3A%22f72074dd-da37-4174-8bd7-92f458601f6d%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%22110f5d779d505118%22%2C%22bidderRequestId%22%3A%22109b12232b12d694%22%2C%22auctionId%22%3A%226ccd23a7-7b48-405f-a9d1-7cdf18921d2c%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22requestBids.usp%22%3A0.19999980926513672%2C%22requestBids.validate%22%3A0.10000038146972656%2C%22requestBids.makeRequests%22%3A2.90000057220459%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE%22%2C%22domain%22%3A%22screencrush.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22screencrush.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.124.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-124-102.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:01 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://screencrush.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Krk-No-Bid-Reason
consent
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
v2
e.serverbid.com/api/
16 B
201 B
XHR
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://screencrush.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
imp
g2.gumgum.com/hbid/
865 B
860 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1679579281905&to=0&aun=tsm-ad-300b&gpid=%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300b&pv=1f3617a8-c2d1-417a-91a1-67e7634ceebd&maxw=300&maxh=250&si=9104&pi=3&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.36.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.209.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-209-85.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
92abfa02948c61520e4497857195f280b5ff78e5f3783fd50dd736f338b55c3f

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://screencrush.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
prebid.media.net/rtb/
338 B
319 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f5b14a7fa2512bf3e7ce4d5ffb290da77abc80819ea2bb739ba95e160cd7a091

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://screencrush.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 23 Mar 2023 13:48:01 GMT
follow_button.2b2d73daf636805223fb11d48f3e94f7.en.html
platform.twitter.com/widgets/ Frame 11F4
40 KB
15 KB
Document
General
Full URL
https://platform.twitter.com/widgets/follow_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
2a19f79bd2859fb1dffdd7c8643dc5e58fc7a9b7fb493d68359f400c420467b3

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
665712
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
14965
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Mar 2023 13:48:01 GMT
Etag
"4fdb0b5f121db02fe652a6f4fe49d886+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:07 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6776)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/
43 B
127 B
Image
General
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22screencrushnews%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1679579281916%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=90d2274c050a1e35ccb2a8a8b51bea4bee2479ec
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-response-time
111
date
Thu, 23 Mar 2023 13:48:01 GMT
strict-transport-security
max-age=631138519
last-modified
Thu, 23 Mar 2023 13:48:01 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
fb5403961a514b08
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
c4c8438a51efed291cbbaa9da9219359ba674bffb8f85c3ebe2b0d28e30f82b6
content-length
43
hb
hb.undertone.com/
0
557 B
XHR
General
Full URL
https://hb.undertone.com/hb?pid=2552&domain=screencrush.com
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-106.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
via
1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://screencrush.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
x-amz-cf-id
4_mLa4uQBD0TKLwGjtOxi3iU4lh1cDG3e8CcX__09Y6AaWQR2g0YLA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
471 B
506 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11266&site_id=173182&zone_id=836148&size_id=15&alt_size_ids=10&rf=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&kw=tsm-ad-300c&tg_i.page=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&tg_i.domain=screencrush.com&tg_i.pbadslot=%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300c&tk_flint=pbjs_lite_v7.36.0&x_source.tid=596efdb1-d7eb-4561-bbd3-f88380152778&l_pb_bid_id=1221cf72516b4d51&p_screen_res=1600x1200&rp_floor=0.25&rp_secure=1&rp_maxbids=1&p_gpid=%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300c&slots=1&rand=0.6064981686333104
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
20b9d85a65e5afc88a160db257ac3ca230e444f5b668fe7f1b96e32ae65c98dc

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:02 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://screencrush.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
471
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/
95 B
1 KB
XHR
General
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22124a504956af42c%22%3A%2203c250f27ee89433635c%7C300x250%2C300x600%7Cgpid%3D%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300c%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&s=ac1e7429-df76-4ad6-a35f-477b7d12782f&pv=80c15831-a349-4682-bbf6-fb5a4d788f19&vp=desktop&lib_name=prebid&lib_v=7.36.0&us=5&fpd=%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE%22%2C%22domain%22%3A%22screencrush.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22screencrush.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&coppa=0
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
74abb43f6279aef526852fda03591a9d61c01b88048fbbdc34cf5540b9dbcfa6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:02 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-189
Content-Type
application/json
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://screencrush.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Length
120
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
arj
townsquaremedia-d.openx.net/w/1.0/
73 B
145 B
XHR
General
Full URL
https://townsquaremedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=596efdb1-d7eb-4561-bbd3-f88380152778&nocache=1679579281927&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&aus=300x250%2C300x600&divids=tsm-ad-300c&aucs=%252F8328825%252Fnational%252FScreenCrush%252F404%2523tsm-ad-300c&auid=540963437&aumfs=250
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0811773ffd84a055df48ca0ce91c5f9d12a80194098d270cffc98147f11736c9

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://screencrush.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
krk.kargo.com/api/v2/
2 B
678 B
XHR
General
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22b62874ba-f6ea-4d82-ab04-20d33a286a4d%22%2C%22requestCount%22%3A3%2C%22timeout%22%3A2000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1679579281927%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22130f5e8f36397b9d%22%3A%22_aDJRj7ybNG%22%7D%2C%22bidSizes%22%3A%7B%22130f5e8f36397b9d%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_aDJRj7ybNG%22%7D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22tid%22%3A%22596efdb1-d7eb-4561-bbd3-f88380152778%22%2C%22data%22%3A%7B%22adserver%22%3A%7B%22name%22%3A%22gam%22%2C%22adslot%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%22%7D%2C%22pbadslot%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300c%22%7D%2C%22gpid%22%3A%22%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300c%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22tsm-ad-300c%22%2C%22transactionId%22%3A%22596efdb1-d7eb-4561-bbd3-f88380152778%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%22130f5e8f36397b9d%22%2C%22bidderRequestId%22%3A%22129a3c24e7a75f8f%22%2C%22auctionId%22%3A%222eeed3cd-7c2f-404a-89d9-719b1d7d6be5%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22requestBids.usp%22%3A0.09999942779541016%2C%22requestBids.validate%22%3A0.10000038146972656%2C%22requestBids.makeRequests%22%3A1.5%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE%22%2C%22domain%22%3A%22screencrush.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22screencrush.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.110%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%7D%5D%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.124.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-124-102.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:01 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://screencrush.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Krk-No-Bid-Reason
consent
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
translator
hbopenbid.pubmatic.com/
0
59 B
XHR
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://screencrush.com
date
Thu, 23 Mar 2023 13:48:01 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/
865 B
860 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?lt=1679579281928&to=0&aun=tsm-ad-300c&gpid=%2F8328825%2Fnational%2FScreenCrush%2F404%23tsm-ad-300c&pv=1f3617a8-c2d1-417a-91a1-67e7634ceebd&maxw=300&maxh=600&si=9105&pi=3&bf=300x250%2C300x600&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.36.0%22%7D&ogu=null&ns=10240
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.209.85 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-209-85.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
92abfa02948c61520e4497857195f280b5ff78e5f3783fd50dd736f338b55c3f

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://screencrush.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
bid-request
a.teads.tv/hb/
16 B
389 B
XHR
General
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://screencrush.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 23 Mar 2023 13:48:01 GMT
prebid
prebid.media.net/rtb/
338 B
319 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUMP71D3
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
36bced00ad2eb076fb2a014fe3b188d2959b3a090cf0eb298327f75b7ac5a15c

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://screencrush.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Thu, 23 Mar 2023 13:48:01 GMT
auction
tlx.3lift.com/header/
14 KB
5 KB
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.36.0&referrer=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&tmax=2000
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.195.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-195-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4922b514984f94ca921b6ec5d5d451de1fa18b1c4de0f3657ab17f5374650687
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:02 GMT
content-encoding
gzip
accept-ch
sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua
content-type
application/json; charset=utf-8
access-control-allow-origin
https://screencrush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
4961
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/
140 B
945 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
14eef337c83a9f91a3c90958581f6b4dddc38c462970ba046b8a540beb490870
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:01 GMT
AN-X-Request-Uuid
9a6e89c7-fee6-41bd-97fa-bd2b5a129e20
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://screencrush.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/
38 B
312 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=257437
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2016cb21d1321750fceeaa3f97f51cd55d786f6f8514c59a7580e4e299be2686

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3W1b%2FTerr5t5qkwSRq9ZgsWaHALU4Myylv6nwWBwK59FRQkGxO0D6kmoXtQ9KxS2MwaOEfxNqY7Z7p65QmP9iysLdUQ2DzaKei32%2Bo%2Fb3TTbLqln3%2BGHI5Pgf6TPYRxVU9fbAgz"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://screencrush.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7ac721303a3a0493-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38
expires
0
v2
e.serverbid.com/api/
16 B
201 B
XHR
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: cdn.production.townsquareblogs.com
URL: https://cdn.production.townsquareblogs.com/wp-content/uploads/static/prebid/carbon/pb.js?domain=screencrush.com&v=576396640674f421805c55696d3f5f17b454bbee&mver=28&gver=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 13:48:01 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://screencrush.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
subscribe_embed
www.youtube.com/ Frame 4E94
604 B
296 B
Document
General
Full URL
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCgMJGv4cQl8-q71AyFeFmtg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
167d0a056a868a9a3b731d81a18980f1f7cc31f113014133edccd1645afc6b32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Thu, 23 Mar 2023 13:48:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
43 B
331 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:12 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
70969
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 21 Mar 2024 18:05:12 GMT
spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
43 B
129 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
70970
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 21 Mar 2024 18:05:11 GMT
bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
318 B
388 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
70970
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
318
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 21 Mar 2024 18:05:11 GMT
bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
116 B
177 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
70970
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 21 Mar 2024 18:05:11 GMT
bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/
117 B
178 B
Image
General
Full URL
https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
70970
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 21 Mar 2024 18:05:11 GMT
truncated
/ Frame 11F4
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
css
fonts.googleapis.com/
60 KB
4 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3e554f3bc1680849172835f886e4509f5a12501456292c5f956a5bcfaa83d728
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Mar 2023 13:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Mar 2023 13:48:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Mar 2023 13:48:02 GMT
AGSKWxVXyXq3TMUWQmnD02HORLtW81BQikltOo95Oj4iLKyZPjicy1bFrWhVwKP05pzrO0oKdniTSEZm2UrlgcDkRBFY3eqyZoL4GtHt6zrW0bpbY4yPYrnx8yeB5cZdu1cK2OrLOIywMA==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVXyXq3TMUWQmnD02HORLtW81BQikltOo95Oj4iLKyZPjicy1bFrWhVwKP05pzrO0oKdniTSEZm2UrlgcDkRBFY3eqyZoL4GtHt6zrW0bpbY4yPYrnx8yeB5cZdu1cK2OrLOIywMA==?dmid=e55836bcfeb01630
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.3uowa6L5c8A.es5.O/d=1/rs=AJlcJMzjV7i--595Wh1646g1VgcqtDKZWQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VBd-EJZqCcWfGbHw68D78g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Mar 2023 13:48:02 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VBd-EJZqCcWfGbHw68D78g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://screencrush.com
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 4E94
9 KB
2 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCgMJGv4cQl8-q71AyFeFmtg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCgMJGv4cQl8-q71AyFeFmtg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70970
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2447
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 01:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 21 Mar 2024 18:05:12 GMT
www-subscribe-embed-card_v0.js
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 4E94
149 KB
44 KB
Script
General
Full URL
https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCgMJGv4cQl8-q71AyFeFmtg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCgMJGv4cQl8-q71AyFeFmtg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70970
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44975
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 21:45:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 21 Mar 2024 18:05:12 GMT
px.gif
ad-delivery.net/
43 B
944 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1442174
x-guploader-uploadid
ADPycdvTJCqgNW-7N7MLVVIBDsvmrwaAsXBPg6Ieu6WApXquzJ5Gq0ens8GEO7_LB59f7j-3Gy_fPNpCFKzZJHGKqQ1W7yszutcV
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbGDXvHDqcrGuTBOJvCbJmT9NZQar5267IZytFx4Z3ytYMz007a4nXaCoLY%2F%2BCkYd6YHHwlDz6TCAVe92xjTYGOZZp89UhyawvjsO2Zo1StIB3t8BZXJs3ZnCaJeAC0ZKYBOnLAnFSNoVLR3rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7ac7213239d839eb-FRA
expires
Mon, 06 Mar 2023 21:26:43 GMT
favicon.ico
ad.doubleclick.net/
1 KB
571 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70971
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Mar 2023 18:05:11 GMT
px.gif
ad-delivery.net/
43 B
337 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.43786239233543545
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1442174
x-guploader-uploadid
ADPycdvTJCqgNW-7N7MLVVIBDsvmrwaAsXBPg6Ieu6WApXquzJ5Gq0ens8GEO7_LB59f7j-3Gy_fPNpCFKzZJHGKqQ1W7yszutcV
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irmbHdDxZNz%2BrYzzu6mzA8Cycrgz94k7EKosE0Qp8YLdfFTSYtrjmqIJ7r7ywzXSVGVNcTouyi2ra3wWwpa%2BWmm%2FXhs9givtm8JzFvYnBHe9dRxoWVqftTBr7pOGpbdGDHVYOi3kDrw38xHieg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7ac7213239db39eb-FRA
expires
Mon, 06 Mar 2023 21:26:43 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/
125 KB
125 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://screencrush.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:40 GMT
x-content-type-options
nosniff
age
191422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:40 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://screencrush.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options
nosniff
age
191423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:39 GMT
c2NyZWVuY3J1c2guY29t
static.solutionshindsight.net/assets/
4 KB
2 KB
Fetch
General
Full URL
https://static.solutionshindsight.net/assets/c2NyZWVuY3J1c2guY29t
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-6.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20889ee539efd5ccba44da580df740e52fcee1f3ea8276e5fc1aff8c7ef05b93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
date
Thu, 23 Mar 2023 13:48:03 GMT
x-amz-cf-pop
PRG50-C1
x-cache
RefreshHit from cloudfront
last-modified
Fri, 28 Oct 2022 18:02:01 GMT
server
AmazonS3
etag
W/"f0c9510b377bc7aa3f097277a43484a9"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
emxCU9l1Ouj0LNx1xPk_aCs73w2RARoKEFG4jL6DoFOqWn8ByKpJZA==
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/ Frame 4E94
134 KB
45 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/cb=gapi.loaded_0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
190f26b6ca8a373b93ebb537988f426953885e75816de2ef852f03f63a71e4c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 17:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246556
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45755
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 16:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Mar 2024 17:18:46 GMT
country
api.btloader.com/
16 B
203 B
Fetch
General
Full URL
https://api.btloader.com/country
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:02 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=8Oxw5NaN3y&w=5179525076877312&o=5642230212591616&cv=2.1.10-3-g4120aac&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&sid=Q6oCk2BTQQ&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5642230212591616&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Mar 2023 13:48:02 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
pushly-sdk.min.js
cdn.p-n.io/
220 KB
50 KB
Script
General
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=2jhT3sfRmbLBoBkZmzYv2hVO3T2jsn1M271G
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.141.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-141-81.mct50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2afc49e960bc79438574c3b3fe1ffcd377067e57fbc9909da12fd02ae9f55d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:03 GMT
content-encoding
gzip
via
1.1 a9854b5c8d56f1ff88b3b6a5afeecd6e.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 16:30:39 GMT
server
AmazonS3
x-amz-cf-pop
MCT50-P1
age
494
x-amz-server-side-encryption
AES256
etag
W/"affd35e5cc935c375c82f2c77857c014"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
x-amz-cf-id
GWWvx1NNIr0bkJF2g58np6p7xexgxfi3nrIhJVqBAgluMvAMjQGG6A==
pubcid.min.js
townsquare.media/public/resources/js/
57 KB
18 KB
Script
General
Full URL
https://townsquare.media/public/resources/js/pubcid.min.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.181 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BD) / Express
Resource Hash
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:02 GMT
content-encoding
gzip
via
1.1 varnish
age
83151
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
18369
last-modified
Tue, 30 Mar 2021 01:10:29 GMT
server
ECS (frb/67BD)
etag
W/"e26f-17880ae9b2e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3397619421 3381341610
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:48:01 GMT
/
log.pinterest.com/
0
338 B
Image
General
Full URL
https://log.pinterest.com/?type=pidget&guid=bZSipRQHkDNL&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 23 Mar 2023 13:48:02 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
6
x-pinterest-rid
7468598495584015
content-length
0
x-served-by
cache-hhn-etou8220038-HHN
pragma
no-cache
server
envoy
x-timer
S1679579283.688405,VS0,VE35
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
accept-ranges
bytes
expires
Sat, 01 Jan 2000 00:00:00 GMT
wp-banners.js
static.solutionshindsight.net/teju-webclient/
264 B
602 B
Script
General
Full URL
https://static.solutionshindsight.net/teju-webclient/wp-banners.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-6.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:03 GMT
content-encoding
gzip
via
1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 17:43:38 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
etag
"4ebf4791ac4b9ad5438d4b8a37062efa"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
no-cache
accept-ranges
bytes
content-length
190
x-amz-cf-id
JoPiaVOA5JElVXEUBy8FkdcLSxOt8VHloAuBfuJhMcNPohBhQBoSCQ==
like.php
www.facebook.com/v2.8/plugins/ Frame D74E
0
1 KB
Document
General
Full URL
https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=856098531951831&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f075177220c9%26domain%3Dscreencrush.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fscreencrush.com%252Ff28eb8a14db715%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fscreencrush&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&width=47px
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Mar 2023 13:48:03 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
hHwr1MUBvZBVsLxjB6c5vmnpfmf39J1G+MwDqCX+YW/u8gu7Pa1zpuMwdUHX4fJ5+krTAhRDQ9V1JtRbKnTFGA==
x-xss-protection
0
pushly-sdk.min.css
cdn.p-n.io/
27 KB
2 KB
Stylesheet
General
Full URL
https://cdn.p-n.io/pushly-sdk.min.css?domain_key=2jhT3sfRmbLBoBkZmzYv2hVO3T2jsn1M271G
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.141.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-141-81.mct50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5df2498d566a9c0c42fef5906f0818a35cfc4ce1cac95e1e0eed4265c838eb10

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 16:03:26 GMT
content-encoding
gzip
via
1.1 a9854b5c8d56f1ff88b3b6a5afeecd6e.cloudfront.net (CloudFront)
last-modified
Wed, 05 Oct 2022 20:36:44 GMT
server
AmazonS3
x-amz-cf-pop
MCT50-P1
age
78278
etag
W/"5324d6c6926b312f68532f29a3bb2aec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
f6M8Y4WBN8ob6Hska8sGRNbaKU_FwZunW-Fs5jSXcvtkhePFQHhj0A==
event-stream
k.p-n.io/
0
126 B
Fetch
General
Full URL
https://k.p-n.io/event-stream
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.71.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-71-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 23 Mar 2023 13:48:03 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
event-stream
k.p-n.io/
0
125 B
Fetch
General
Full URL
https://k.p-n.io/event-stream
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.71.93 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-71-93.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://screencrush.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 23 Mar 2023 13:48:03 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
ixmatch.html
js-sec.indexww.com/um/ Frame BF38
3 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
412
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7ac721444dbf0378-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Mar 2023 13:48:05 GMT
expires
Thu, 23 Mar 2023 17:48:05 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 7D6B
0
91 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 23 Mar 2023 13:48:05 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame 6426
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 23 Mar 2023 13:48:05 GMT
pd
u.openx.net/w/1.0/ Frame 6389
0
80 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 23 Mar 2023 13:48:05 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usersync.html
cdn.undertone.com/js/ Frame F8DE
10 KB
3 KB
Document
General
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3c00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a3bf102b192cf0b8a06ea1a89a8beacc51a64059c2b98d995054bbcb6e287f2

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
44730
content-encoding
gzip
content-type
text/html
date
Thu, 23 Mar 2023 01:22:36 GMT
etag
W/"55a2c695384db1f8872ab66920fae4ff"
last-modified
Mon, 13 Mar 2023 13:12:02 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-id
W-esy8KoekebOuRwAmVqaaH-OFNR_wQgIZgYD7DR1VaEw0i6mhJbgg==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
taQSmiFtApGCXHWEGOWOQBdJzs8wq2BO
x-cache
Hit from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 723B
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=74969
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 23 Mar 2023 13:48:05 GMT
expires
Fri, 24 Mar 2023 10:37:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame D3A0
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 23 Mar 2023 13:48:05 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AED3
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=74969
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 23 Mar 2023 13:48:05 GMT
expires
Fri, 24 Mar 2023 10:37:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 56B2
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 23 Mar 2023 13:48:05 GMT
checksync.php
contextual.media.net/ Frame 7828
21 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6527ce1fef693d10573453134bc4a2e44c6e35248fee2426716a57e48ccb8c07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7833
content-type
text/html; charset=UTF-8
date
Thu, 23 Mar 2023 13:48:05 GMT
expires
Sat, 25 Mar 2023 13:48:05 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
checksync.php
contextual.media.net/ Frame 883F
21 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6527ce1fef693d10573453134bc4a2e44c6e35248fee2426716a57e48ccb8c07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7833
content-type
text/html; charset=UTF-8
date
Thu, 23 Mar 2023 13:48:05 GMT
expires
Sat, 25 Mar 2023 13:48:05 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 6137
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Mar 2023 13:48:05 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame 6A57
10 KB
3 KB
Document
General
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3c00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a3bf102b192cf0b8a06ea1a89a8beacc51a64059c2b98d995054bbcb6e287f2

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
44730
content-encoding
gzip
content-type
text/html
date
Thu, 23 Mar 2023 01:22:36 GMT
etag
W/"55a2c695384db1f8872ab66920fae4ff"
last-modified
Mon, 13 Mar 2023 13:12:02 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-id
1ZDZS2i1WNxWxD3wxw657f-B24EjE9S-HOCqUfI2s2Pb1FRciNkwng==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
taQSmiFtApGCXHWEGOWOQBdJzs8wq2BO
x-cache
Hit from cloudfront
usersync.html
cdn.undertone.com/js/ Frame F3D9
10 KB
3 KB
Document
General
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3c00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a3bf102b192cf0b8a06ea1a89a8beacc51a64059c2b98d995054bbcb6e287f2

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
44730
content-encoding
gzip
content-type
text/html
date
Thu, 23 Mar 2023 01:22:36 GMT
etag
W/"55a2c695384db1f8872ab66920fae4ff"
last-modified
Mon, 13 Mar 2023 13:12:02 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-id
DS26w7A6L8DjVVWyLB-bRVT_gPKGzVWToDPws54JoAP94L_VXcZEbg==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
taQSmiFtApGCXHWEGOWOQBdJzs8wq2BO
x-cache
Hit from cloudfront
checksync.php
contextual.media.net/ Frame C951
21 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6527ce1fef693d10573453134bc4a2e44c6e35248fee2426716a57e48ccb8c07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7833
content-type
text/html; charset=UTF-8
date
Thu, 23 Mar 2023 13:48:05 GMT
expires
Sat, 25 Mar 2023 13:48:05 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
checksync.php
contextual.media.net/ Frame 4DB4
21 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUMP71D3&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6527ce1fef693d10573453134bc4a2e44c6e35248fee2426716a57e48ccb8c07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7833
content-type
text/html; charset=UTF-8
date
Thu, 23 Mar 2023 13:48:05 GMT
expires
Sat, 25 Mar 2023 13:48:05 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
ixmatch.html
js-sec.indexww.com/um/ Frame 2492
3 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
412
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7ac721446e010378-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Mar 2023 13:48:05 GMT
expires
Thu, 23 Mar 2023 17:48:05 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 1821
0
80 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 23 Mar 2023 13:48:05 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usersync.html
cdn.undertone.com/js/ Frame 52BE
10 KB
3 KB
Document
General
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3c00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a3bf102b192cf0b8a06ea1a89a8beacc51a64059c2b98d995054bbcb6e287f2

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
44730
content-encoding
gzip
content-type
text/html
date
Thu, 23 Mar 2023 01:22:36 GMT
etag
W/"55a2c695384db1f8872ab66920fae4ff"
last-modified
Mon, 13 Mar 2023 13:12:02 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
x-amz-cf-id
ooa2_xqtqrS5kgtVEBuVEzGQUYw4tZVlXCkPJ12IkZIS6gvi4vtiFQ==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
taQSmiFtApGCXHWEGOWOQBdJzs8wq2BO
x-cache
Hit from cloudfront
ixmatch.html
js-sec.indexww.com/um/ Frame EAE4
3 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
412
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7ac721448e410378-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Mar 2023 13:48:05 GMT
expires
Thu, 23 Mar 2023 17:48:05 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
2000775.html
sync.serverbid.com/ss/ Frame 3E47
5 KB
2 KB
Document
General
Full URL
https://sync.serverbid.com/ss/2000775.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b5dc86b5231184ab7648138dd9ae86cc03cadedb51bfcdbe8c855ba8de8d518

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37269
content-encoding
gzip
content-type
text/html
date
Thu, 23 Mar 2023 03:26:57 GMT
etag
W/"55508b298b4f7e3dd94e3f3dc223cacd"
last-modified
Thu, 09 Mar 2023 16:02:02 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
x-amz-cf-id
XRpNw8QpMEeSqhz1Z5JoHsoafVxv1-cgYTYO9U34bS2M4HdN6ME9kQ==
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
2000775.html
sync.serverbid.com/ss/ Frame 5B20
5 KB
2 KB
Document
General
Full URL
https://sync.serverbid.com/ss/2000775.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b5dc86b5231184ab7648138dd9ae86cc03cadedb51bfcdbe8c855ba8de8d518

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37269
content-encoding
gzip
content-type
text/html
date
Thu, 23 Mar 2023 03:26:57 GMT
etag
W/"55508b298b4f7e3dd94e3f3dc223cacd"
last-modified
Thu, 09 Mar 2023 16:02:02 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
x-amz-cf-id
CoQ3O-ABMLDcRLsPQjoH38lR98t3oV271rhVhrGslvJtT508jtvx2w==
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
2000775.html
sync.serverbid.com/ss/ Frame 722F
5 KB
2 KB
Document
General
Full URL
https://sync.serverbid.com/ss/2000775.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b5dc86b5231184ab7648138dd9ae86cc03cadedb51bfcdbe8c855ba8de8d518

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37269
content-encoding
gzip
content-type
text/html
date
Thu, 23 Mar 2023 03:26:57 GMT
etag
W/"55508b298b4f7e3dd94e3f3dc223cacd"
last-modified
Thu, 09 Mar 2023 16:02:02 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
x-amz-cf-id
6z0X7kDfPAKT-_1mLw2V7CuytCEZghLYz43zB6_PLche4vPTu1aRWQ==
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pd
u.openx.net/w/1.0/ Frame 4FE6
0
80 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 23 Mar 2023 13:48:05 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame C8C4
3 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
412
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7ac721448e470378-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Mar 2023 13:48:05 GMT
expires
Thu, 23 Mar 2023 17:48:05 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
2000775.html
sync.serverbid.com/ss/ Frame FAE3
5 KB
2 KB
Document
General
Full URL
https://sync.serverbid.com/ss/2000775.html
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-85.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9b5dc86b5231184ab7648138dd9ae86cc03cadedb51bfcdbe8c855ba8de8d518

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37269
content-encoding
gzip
content-type
text/html
date
Thu, 23 Mar 2023 03:26:57 GMT
etag
W/"55508b298b4f7e3dd94e3f3dc223cacd"
last-modified
Thu, 09 Mar 2023 16:02:02 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 aa90ed38e679f04bd48e055cce602e20.cloudfront.net (CloudFront)
x-amz-cf-id
ZCvMEpuEO9leBXKBZv8N3T_LhbRPh0KBVVaTsgI86reBL-rOH5P4pQ==
x-amz-cf-pop
PRG50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
sync
eb2.3lift.com/ Frame CDBE
37 B
139 B
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 23 Mar 2023 13:48:05 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FEDA
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=74969
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 23 Mar 2023 13:48:05 GMT
expires
Fri, 24 Mar 2023 10:37:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8CB5
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://screencrush.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=74969
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 23 Mar 2023 13:48:05 GMT
expires
Fri, 24 Mar 2023 10:37:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=1e9c435f-4a1f-4900-bcf2-48977a0cf439&google_hm=MWU5YzQzNWYtNGExZi00OTAwLWJjZjItNDg5NzdhMGNmNDM5
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=sonobi&bsw_param=1e9c435f-4a1f-4900-bcf2-48977a0cf439&google_hm=MWU5YzQzNWYtNGExZi00OTAwLWJjZjItNDg5NzdhMGNmNDM...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJErhOtEDrKT69qo3P2lmV0&google_cver=1&ssp=sonobi&bsw_param=1e9c435f-4a1f-4900-bcf2-48977a0cf439
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=1e9c435f-4a1f-4900-bcf2-48977a0cf439
49 B
533 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=1e9c435f-4a1f-4900-bcf2-48977a0cf439
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-50
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=1e9c435f-4a1f-4900-bcf2-48977a0cf439
date
Thu, 23 Mar 2023 13:48:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=7f60641c-5896-4800-9996-4903209a49a8
49 B
446 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=7f60641c-5896-4800-9996-4903209a49a8
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-50
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 23 Mar 2023 13:48:06 GMT
Server
MT3 668 4401257 master nrt-pixel-x17 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=7f60641c-5896-4800-9996-4903209a49a8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 23 Mar 2023 13:48:05 GMT
9.gif
id5-sync.com/s/441/
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=23602b7e-43c1-4b29-a7b1-c3067cbc2266&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=andsT2k4VXRSSjlMMXhrZGd0czItUQ&gdpr=&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm=&google_sc=&google_hm=andsT2k4VXRSSjlMMXhrZGd0czItUQ&gdpr=&gdpr_consent=&google_tc=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFOko7F82dEm-glaV3dnZGA&google_cver=1
49 B
495 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFOko7F82dEm-glaV3dnZGA&google_cver=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.50.v20221201) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(9.4.50.v20221201)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7dfdb4b8db-glqpf
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEFOko7F82dEm-glaV3dnZGA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=fbf6d2f2a8&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433827006366435
49 B
533 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433827006366435
Protocol
HTTP/1.1
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-39
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=5107433827006366435
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame 723B
3 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79203901&p=156725&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
f7f89bd4b22bec83d52910af69cae0f2e72af710392c5fa79f65aa663da05455

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 23 Mar 2023 13:48:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame 8409
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
e2a0143e97e54f1a46cb76a95c4feaf0ed0570ca5f327ae018eb78e79ec9dbb1

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1723
Content-Type
text/html
Date
Thu, 23 Mar 2023 13:48:05 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Thu, 23 Mar 2023 13:48:05 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame CD07
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Mar 2023 13:48:05 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Mar 2023 13:48:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
cm
us-u.openx.net/w/1.0/ Frame F8DE
43 B
131 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame F8DE
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Nb9hR6NE2uHEN0QQU6098eKbx.vF4HoU~A
0
232 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Nb9hR6NE2uHEN0QQU6098eKbx.vF4HoU~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
65.9.95.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-33.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
yrhfhscqts5DhuLLNsw_ADCDtM-1MC0XqYJJ1wnnzdzcAobbAHMDSg==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Nb9hR6NE2uHEN0QQU6098eKbx.vF4HoU~A
date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame F8DE
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel.rubiconproject.com/exchange/ Frame F8DE
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pug
simage2.pubmatic.com/AdServer/ Frame F8DE
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=-1&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=99bf374f-1fb3-4467-b5af-d5d45266af55&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1e9c435f-4a1f-4900-bcf2-48977a0cf439&gdpr=&gdpr_consent=&gdpr_pd=
1 B
55 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1e9c435f-4a1f-4900-bcf2-48977a0cf439&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 23 Mar 2023 13:48:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1e9c435f-4a1f-4900-bcf2-48977a0cf439&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 23 Mar 2023 13:48:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame F8DE
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:04 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame F8DE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
0
358 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
65.9.95.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-33.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:06 GMT
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
4OwqKXDfh9M9pBlKV60r82mgiUKZmKlyAtxilva_PP0pYyaAF-VSpw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
register2.php
synchrobox.adswizz.com/ Frame 3E47
589 B
1 KB
Script
General
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.119.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-119-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
45e0345cbc1807d727d6e621e844d9a95c1a2c180951cb26449a53c5d45bb95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
content-type
text/javascript
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
SynchroClient2.js
cdn.adswizz.com/adswizz/js/ Frame 3E47
9 KB
9 KB
Script
General
Full URL
https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-18.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 03:10:31 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
38255
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9187
x-amz-cf-id
mI9AyByaa--U3vePPxXfmAs_F5oq9FaO5UA4piWUD7s48SDfSmZVLQ==
register2.php
synchrobox.adswizz.com/ Frame FAE3
589 B
1 KB
Script
General
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.119.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-119-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
45e0345cbc1807d727d6e621e844d9a95c1a2c180951cb26449a53c5d45bb95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
content-type
text/javascript
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
SynchroClient2.js
cdn.adswizz.com/adswizz/js/ Frame FAE3
9 KB
9 KB
Script
General
Full URL
https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-18.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 03:10:31 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
38255
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9187
x-amz-cf-id
9wpQJIa3TJPgoaTXoTxIkzKYHaf3HW8Kf07cJ-znexZwtFMnYf0gHQ==
register2.php
synchrobox.adswizz.com/ Frame 5B20
589 B
1 KB
Script
General
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.119.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-119-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
45e0345cbc1807d727d6e621e844d9a95c1a2c180951cb26449a53c5d45bb95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
content-type
text/javascript
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
SynchroClient2.js
cdn.adswizz.com/adswizz/js/ Frame 5B20
9 KB
9 KB
Script
General
Full URL
https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-18.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 03:10:31 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
38255
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9187
x-amz-cf-id
1ht5JSurGHL9dLnps5MLvxk95R0LlmAi6DqoB17e25Yg-RotbYDOkg==
cm
us-u.openx.net/w/1.0/ Frame 6A57
43 B
120 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 6A57
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Nb9hR6NE2uHEN0QQU6098eKbx.vF4HoU~A
0
234 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Nb9hR6NE2uHEN0QQU6098eKbx.vF4HoU~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
65.9.95.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-33.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
8Sh7SOMlYlMyTySQ29TyDuTPkZyOEWgbgc2V4DuKAmMLHIgUxuY38A==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Nb9hR6NE2uHEN0QQU6098eKbx.vF4HoU~A
date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 6A57
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel.rubiconproject.com/exchange/ Frame 6A57
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 6A57
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=-1&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1e9c435f-4a1f-4900-bcf2-48977a0cf439
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1e9c435f-4a1f-4900-bcf2-48977a0cf439
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=9ba7a2fd-6ed2-479b-a969-107a272598c6&ssp=pubmatic&expires=30&user_group=5&bsw_param=1e9c435f-4a1f-4900-bcf2-48977a0cf439
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1e9c435f-4a1f-4900-bcf2-48977a0cf439&gdpr=&gdpr_consent=&gdpr_pd=
1 B
185 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1e9c435f-4a1f-4900-bcf2-48977a0cf439&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 23 Mar 2023 13:48:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1e9c435f-4a1f-4900-bcf2-48977a0cf439&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 23 Mar 2023 13:48:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6A57
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame 6A57
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
0
358 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
65.9.95.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-33.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
9FsiKQy1Viw8ysAxVYnu4eobCgHFM7PcWqVMvCibkzIKnnLrJJHHPg==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch
ssum-sec.casalemedia.com/ Frame 75BC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
1 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
ff5ea258236f7d8a01da27a71705b23b236f71c4dbf485a09550832bdc6a9267

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1458
Content-Type
text/html
Date
Thu, 23 Mar 2023 13:48:05 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Thu, 23 Mar 2023 13:48:05 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 6709
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Mar 2023 13:48:05 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Mar 2023 13:48:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
register2.php
synchrobox.adswizz.com/ Frame 722F
589 B
1 KB
Script
General
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.119.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-119-157.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
45e0345cbc1807d727d6e621e844d9a95c1a2c180951cb26449a53c5d45bb95d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
content-type
text/javascript
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
SynchroClient2.js
cdn.adswizz.com/adswizz/js/ Frame 722F
9 KB
9 KB
Script
General
Full URL
https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-18.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 03:10:31 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
38255
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9187
x-amz-cf-id
MPjIcRXFM0pDojw8-zrdVI7BxkXaz5ivqYNDK_XFKw2HtNhtYHyE9g==
usync.js
eus.rubiconproject.com/ Frame 6137
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fc376c1d9e66b8e7c17ad1232ba4e2e7b2aad9c1df51d6b217460d1b728980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 13:48:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Mar 2023 13:00:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83563
Connection
keep-alive
Content-Length
9996
Expires
Fri, 24 Mar 2023 13:00:48 GMT
cm
us-u.openx.net/w/1.0/ Frame F3D9
43 B
120 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame F3D9
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-bQUKrhJE2uGoyxJe7HscjwunEmS3PRT7~A
0
233 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-bQUKrhJE2uGoyxJe7HscjwunEmS3PRT7~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
65.9.95.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-33.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
36SuhLtYY-SSLfyGofJ0xLcrYnmZbsJ0OGVvWSzUGN24rJEurg7ajA==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-bQUKrhJE2uGoyxJe7HscjwunEmS3PRT7~A
date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame F3D9
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel.rubiconproject.com/exchange/ Frame F3D9
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pug
simage2.pubmatic.com/AdServer/ Frame F3D9
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=-1&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1e9c435f-4a1f-4900-bcf2-48977a0cf439
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=1e9c435f-4a1f-4900-bcf2-48977a0cf439
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=b5a2a99c-fbd6-4e1e-9551-7e07299a288b&user_group=1&ssp=pubmatic&bsw_param=1e9c435f-4a1f-4900-bcf2-48977a0cf439
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1e9c435f-4a1f-4900-bcf2-48977a0cf439&gdpr=&gdpr_consent=&gdpr_pd=
1 B
55 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1e9c435f-4a1f-4900-bcf2-48977a0cf439&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 23 Mar 2023 13:48:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1e9c435f-4a1f-4900-bcf2-48977a0cf439&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 23 Mar 2023 13:48:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame F3D9
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:04 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame F3D9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
0
360 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
65.9.95.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-33.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
9GApfJRzEBUK_Vx3tKVhY4VTbPTlC265ZZHtjwFhid6QQdRvr5hOYw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch
ssum-sec.casalemedia.com/ Frame 6287
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
d6a33bb44443b50c8fc56d8dcfb725edfdb0860b9870c8caf49cc61f5fa3c265

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1883
Content-Type
text/html
Date
Thu, 23 Mar 2023 13:48:05 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Thu, 23 Mar 2023 13:48:05 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 4F5B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Mar 2023 13:48:05 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Mar 2023 13:48:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
cm
us-u.openx.net/w/1.0/ Frame 52BE
43 B
120 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame 52BE
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Nb9hR6NE2uHEN0QQU6098eKbx.vF4HoU~A
0
233 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Nb9hR6NE2uHEN0QQU6098eKbx.vF4HoU~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
65.9.95.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-33.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
PgLw8_B4Klcx1vHBFm629o2qlksAYvd6huUgvwPyEYnuT-iHPwoWNg==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-Nb9hR6NE2uHEN0QQU6098eKbx.vF4HoU~A
date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 52BE
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync.php
pixel.rubiconproject.com/exchange/ Frame 52BE
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 52BE
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=-1&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=1e9c435f-4a1f-4900-bcf2-48977a0cf439
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=1e9c435f-4a1f-4900-bcf2-48977a0cf439
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=8abdd9b2-73f2-4107-96ae-610aabaaf1f2&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1e9c435f-4a1f-4900-bcf2-48977a0cf439&gdpr=&gdpr_consent=&gdpr_pd=
1 B
55 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1e9c435f-4a1f-4900-bcf2-48977a0cf439&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 23 Mar 2023 13:48:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=1e9c435f-4a1f-4900-bcf2-48977a0cf439&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 23 Mar 2023 13:48:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 52BE
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame 52BE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://ups.analytics.yahoo.com/ups/58545/occ?verify=true
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
0
359 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Server
65.9.95.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-33.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
wqOysG6bU0nTn3JielYV0R6jX1JZ-DnWM8Sg7EPwdAiTW9tXWEpYQw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch
ssum-sec.casalemedia.com/ Frame C229
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
54e622f705cc3af05b1e15808a79be54377b85934b401744d49c616c45ad363e

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1719
Content-Type
text/html
Date
Thu, 23 Mar 2023 13:48:05 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Thu, 23 Mar 2023 13:48:05 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame D1AF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Mar 2023 13:48:05 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Mar 2023 13:48:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2DB6
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=74969
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 23 Mar 2023 13:48:05 GMT
expires
Fri, 24 Mar 2023 10:37:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 52DB
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame A0E8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=24856&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Mar 2023 13:48:05 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Mar 2023 13:48:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
server
AkamaiGHost
rid
match.adsrvr.org/track/ Frame 3E47
63 B
392 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
776790d4ed2b451c80afcfbfef87830e756e224717a224cd79a4685234975157

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 22 Apr 2023 13:48:05 GMT
pbs.gif
sync.colossusssp.com/ Frame 3E47
0
0

usersync
x.serverbid.com/ Frame 3E47
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&gdpr=&gdpr_consent=&s=185073&us_privacy=&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZBxYlemCjLvlgIbQ.JT25wAA%265153
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZBxYlemCjLvlgIbQ.JT25wAA%265153
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZBxYlemCjLvlgIbQ.JT25wAA%265153
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
0
Expires
0
pixel
ap.lijit.com/ Frame 3E47
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Mar 2023 13:48:05 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
usersync
x.serverbid.com/ Frame 3E47
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=d1YFxrgbgN3E&ev=1&pid=562763
35 B
268 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=d1YFxrgbgN3E&ev=1&pid=562763
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(9.4.50.v20221201)
content-language
de-DE
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=d1YFxrgbgN3E&ev=1&pid=562763
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7dfdb4b8db-9mrn7
expires
-1
prebid
rtb.openx.net/sync/ Frame 3E47
43 B
350 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:04 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
h0fa7afn9581bp41himtprqdth0olu7i
getuid
sync.smartadserver.com/ Frame 3E47
Redirect Chain
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_ui...
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
0
75 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:04 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usersync
x.serverbid.com/ Frame 3E47
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=e1df80d8-9f9a-4761-bdf2-c01b83a6d52b&gdpr=&gdpr_consent=&us_privacy=
35 B
99 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=e1df80d8-9f9a-4761-bdf2-c01b83a6d52b&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=e1df80d8-9f9a-4761-bdf2-c01b83a6d52b&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 23 Mar 2023 13:48:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usersync
e.serverbid.com/ Frame 3E47
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58671/occ
  • https://ups.analytics.yahoo.com/ups/58671/occ?verify=true
  • https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
35 B
217 B
Image
General
Full URL
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
x.serverbid.com/ Frame 3E47
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5518242767990326602
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5518242767990326602
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Thu, 23 Mar 2023 13:48:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
746c670c-6cda-4283-bf3d-3571669f662d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5518242767990326602
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame 3E47
0
500 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-159
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pbsync
ads.yieldmo.com/ Frame 3E47
0
34 B
Image
General
Full URL
https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6985%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.247.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-247-169.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
pbs.gif
sync.colossusssp.com/ Frame FAE3
0
0

usersync
x.serverbid.com/ Frame FAE3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&gdpr=&gdpr_consent=&s=185073&us_privacy=&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZBxYlUYwLTPdGSXfll9JKQAA%265267
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZBxYlUYwLTPdGSXfll9JKQAA%265267
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZBxYlUYwLTPdGSXfll9JKQAA%265267
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
0
Expires
0
pixel
ap.lijit.com/ Frame FAE3
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Mar 2023 13:48:05 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
usersync
x.serverbid.com/ Frame FAE3
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=PLl9EEjZWgbl&ev=1&pid=562763
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=PLl9EEjZWgbl&ev=1&pid=562763
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(9.4.50.v20221201)
content-language
de-DE
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=PLl9EEjZWgbl&ev=1&pid=562763
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7dfdb4b8db-zxgdc
expires
-1
prebid
rtb.openx.net/sync/ Frame FAE3
43 B
134 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:04 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ketk7or529hmqdf29p951suqlvq543mn
getuid
sync.smartadserver.com/ Frame FAE3
Redirect Chain
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_ui...
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
0
75 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usersync
x.serverbid.com/ Frame FAE3
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=05f747cd-b22d-4018-9a90-1bcedf80dec8&gdpr=&gdpr_consent=&us_privacy=
35 B
99 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=05f747cd-b22d-4018-9a90-1bcedf80dec8&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=05f747cd-b22d-4018-9a90-1bcedf80dec8&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 23 Mar 2023 13:48:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usersync
e.serverbid.com/ Frame FAE3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58671/occ
  • https://ups.analytics.yahoo.com/ups/58671/occ?verify=true
  • https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
35 B
217 B
Image
General
Full URL
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
x.serverbid.com/ Frame FAE3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5518242767990326602
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5518242767990326602
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Thu, 23 Mar 2023 13:48:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c6c30bb1-cc1e-4ab9-aa38-d50bd19ee151
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5518242767990326602
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame FAE3
0
500 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-137
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pbsync
ads.yieldmo.com/ Frame FAE3
0
34 B
Image
General
Full URL
https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6985%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.247.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-247-169.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D493
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=74969
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 23 Mar 2023 13:48:05 GMT
expires
Fri, 24 Mar 2023 10:37:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 32A1
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 037A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=24856&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Mar 2023 13:48:05 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Mar 2023 13:48:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
server
AkamaiGHost
rid
match.adsrvr.org/track/ Frame FAE3
63 B
391 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
776790d4ed2b451c80afcfbfef87830e756e224717a224cd79a4685234975157

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 22 Apr 2023 13:48:05 GMT
pbs.gif
sync.colossusssp.com/ Frame 5B20
0
0

usersync
x.serverbid.com/ Frame 5B20
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&gdpr=&gdpr_consent=&s=185073&us_privacy=&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZBxYlUYwLTPdGSXfll9JKQAA%265267
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZBxYlUYwLTPdGSXfll9JKQAA%265267
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZBxYlUYwLTPdGSXfll9JKQAA%265267
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
pixel
ap.lijit.com/ Frame 5B20
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Mar 2023 13:48:05 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
usersync
x.serverbid.com/ Frame 5B20
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=m51KgYAtRn00&ev=1&pid=562763
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=m51KgYAtRn00&ev=1&pid=562763
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(9.4.50.v20221201)
content-language
de-DE
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=m51KgYAtRn00&ev=1&pid=562763
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7dfdb4b8db-glqpf
expires
-1
prebid
rtb.openx.net/sync/ Frame 5B20
43 B
135 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:04 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
vkion8uopeqfa5810rstkf3hrddv8o4k
getuid
sync.smartadserver.com/ Frame 5B20
Redirect Chain
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_ui...
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
0
75 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usersync
x.serverbid.com/ Frame 5B20
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=71ba615d-a4cf-4ae5-ae28-f8483037b3f4&gdpr=&gdpr_consent=&us_privacy=
35 B
99 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=71ba615d-a4cf-4ae5-ae28-f8483037b3f4&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=71ba615d-a4cf-4ae5-ae28-f8483037b3f4&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 23 Mar 2023 13:48:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usersync
e.serverbid.com/ Frame 5B20
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58671/occ
  • https://ups.analytics.yahoo.com/ups/58671/occ?verify=true
  • https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
35 B
217 B
Image
General
Full URL
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
x.serverbid.com/ Frame 5B20
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5518242767990326602
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5518242767990326602
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Thu, 23 Mar 2023 13:48:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f360e483-a6c5-4e4f-99b6-c41280716bd2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5518242767990326602
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame 5B20
0
500 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-117
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pbsync
ads.yieldmo.com/ Frame 5B20
0
34 B
Image
General
Full URL
https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6985%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.247.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-247-169.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5643
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=74969
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 23 Mar 2023 13:48:05 GMT
expires
Fri, 24 Mar 2023 10:37:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 5FEE
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 532B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=24856&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Mar 2023 13:48:05 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Mar 2023 13:48:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
server
AkamaiGHost
rid
match.adsrvr.org/track/ Frame 5B20
63 B
391 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
776790d4ed2b451c80afcfbfef87830e756e224717a224cd79a4685234975157

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 22 Apr 2023 13:48:05 GMT
pbs.gif
sync.colossusssp.com/ Frame 722F
0
0

usersync
x.serverbid.com/ Frame 722F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&gdpr=&gdpr_consent=&s=185073&us_privacy=&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZBxYlUYwLTPdGSXfll9JKQAA%265267
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZBxYlUYwLTPdGSXfll9JKQAA%265267
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=ZBxYlUYwLTPdGSXfll9JKQAA%265267
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
pixel
ap.lijit.com/ Frame 722F
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Mar 2023 13:48:05 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
usersync
x.serverbid.com/ Frame 722F
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=78QWgjqZ2Ndp&ev=1&pid=562763
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=78QWgjqZ2Ndp&ev=1&pid=562763
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(9.4.50.v20221201)
content-language
de-DE
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=78QWgjqZ2Ndp&ev=1&pid=562763
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7dfdb4b8db-dlztb
expires
-1
prebid
rtb.openx.net/sync/ Frame 722F
43 B
135 B
Image
General
Full URL
https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5531%26spui%3D%26dpui%3D%24%7BUID%7D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
qtorg7ubq5lrbk3vjuntcah5b5bkjokn
getuid
sync.smartadserver.com/ Frame 722F
Redirect Chain
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5527%26spui%3D%26dpui%3D%5Bsas_ui...
  • https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
0
75 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Server
185.86.138.154 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?&nwid=4295&gdpr=&gdpr_consent=&us_privacy=&url=https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5527&spui=&dpui=[sas_uid]&cklb=1
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
usersync
x.serverbid.com/ Frame 722F
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=9a8ee843-fb1c-4cdd-ac03-09799d12ba3e&gdpr=&gdpr_consent=&us_privacy=
35 B
99 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=9a8ee843-fb1c-4cdd-ac03-09799d12ba3e&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=9a8ee843-fb1c-4cdd-ac03-09799d12ba3e&gdpr=&gdpr_consent=&us_privacy=
date
Thu, 23 Mar 2023 13:48:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usersync
e.serverbid.com/ Frame 722F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58671/occ
  • https://ups.analytics.yahoo.com/ups/58671/occ?verify=true
  • https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
35 B
217 B
Image
General
Full URL
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/usersync?cn=732&ttt=1&dpui=y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
x.serverbid.com/ Frame 722F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5518242767990326602
35 B
217 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5518242767990326602
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Thu, 23 Mar 2023 13:48:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
85225a81-cc21-4ec3-a039-301e6e833776
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=5518242767990326602
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame 722F
0
500 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-173
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pbsync
ads.yieldmo.com/ Frame 722F
0
35 B
Image
General
Full URL
https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6985%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.247.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-247-169.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D76D
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=74969
content-encoding
gzip
content-length
5554
content-type
text/html
date
Thu, 23 Mar 2023 13:48:05 GMT
expires
Fri, 24 Mar 2023 10:37:34 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame E8D4
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame A24C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=24856&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Mar 2023 13:48:05 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Mar 2023 13:48:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
server
AkamaiGHost
rid
match.adsrvr.org/track/ Frame 722F
63 B
391 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
776790d4ed2b451c80afcfbfef87830e756e224717a224cd79a4685234975157

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 22 Apr 2023 13:48:05 GMT
sync
usr.undertone.com/userPixel/ Frame BBCB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:06f7641c-5895-4500-85cf-73dd9689e9f4&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8594F954-1FF8-4B9D-BDBF-B312164EED08
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8594F954-1FF8-4B9D-BDBF-B312164EED08
0
351 B
Document
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8594F954-1FF8-4B9D-BDBF-B312164EED08
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-33.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 23 Mar 2023 13:48:06 GMT
server
istio-envoy
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
x-amz-cf-id
OVtnxBoCL0vDmzFGhKcIZIb4MeMzZWOvDuTPY8-oHP3_cej3muRuSg==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0

Redirect headers

cache-control
no-store, no-cache, private
date
Thu, 23 Mar 2023 13:48:05 GMT
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8594F954-1FF8-4B9D-BDBF-B312164EED08
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
current
pubmatic-match.dotomi.com/match/bounce/ Frame 6419
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1026157313889103335
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
0
0
Document
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private, max-age=0, no-store
date
Thu, 23 Mar 2023 13:48:06 GMT
expires
0
pragma
no-cache
server
nginx

Redirect headers

content-length
182
content-type
text/html; charset=utf-8
date
Thu, 23 Mar 2023 13:48:06 GMT
location
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync.aspx
dis.criteo.com/dis/ Frame DECE
43 B
363 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 23 Mar 2023 13:48:04 GMT
expires
Thu, 23 Mar 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
588899
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 97CB
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PCss1T8nJIMnfC2DPCkwhmksL9UnLiqBOn6dutHQ
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
0
0
Document
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private, max-age=0, no-store
date
Thu, 23 Mar 2023 13:48:06 GMT
expires
0
pragma
no-cache
server
nginx

Redirect headers

content-length
182
content-type
text/html; charset=utf-8
date
Thu, 23 Mar 2023 13:48:05 GMT
location
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
aax-eu.amazon-adsystem.com/s/ Frame CEBE
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8594F954-1FF8-4B9D-BDBF-B312164EED08&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8594F954-1FF8-4B9D-BDBF-B312164EED08&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8594F954-1FF8-4B9D-BDBF-B312164EED08&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Mar 2023 13:48:06 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
GS17MWFR5X56Y13FBYB4

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 23 Mar 2023 13:48:05 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=8594F954-1FF8-4B9D-BDBF-B312164EED08&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Q4YZQANAEZYKW7KWXBY2
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 723B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hZT5VB_4S529v7MSFk7tCA%3D%3D&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hZT5VB_4S529v7MSFk7tCA%3D%3D&gdpr=0&gdpr_consent=&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=74969
accept-ranges
bytes
content-length
5554
expires
Fri, 24 Mar 2023 10:37:34 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 723B
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.6.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-6-120.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.24.7
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame 723B
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3183969068
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8594F954-1FF8-4B9D-BDBF-B312164EED08
0
284 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8594F954-1FF8-4B9D-BDBF-B312164EED08
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
via
1.1 google
last-modified
Thu, 23 Mar 2023 13:48:06 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=8594F954-1FF8-4B9D-BDBF-B312164EED08
date
Thu, 23 Mar 2023 13:48:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame 723B
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=8594F954-1FF8-4B9D-BDBF-B312164EED08
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YjVjUFZLTUlZOEhUYktDTmotYVBuQ1h6dw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=5204265467251411098&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
54.235.69.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-69-38.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 13:48:06 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 23 Mar 2023 13:48:06 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 723B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODU5NEY5NTQtMUZGOC00QjlELUJEQkYtQjMxMjE2NEVFRDA4&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODU5NEY5NTQtMUZGOC00QjlELUJEQkYtQjMxMjE2NEVFRDA4&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
0
103 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
Protocol
H2
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:06 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0

Redirect headers

location
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
date
Thu, 23 Mar 2023 13:48:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
182
content-type
text/html; charset=utf-8
current
pubmatic-match.dotomi.com/match/bounce/ Frame 723B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEM71_wIW-rwMihzMKD5cbEU&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
0
103 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
Protocol
H2
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:06 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0

Redirect headers

location
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
date
Thu, 23 Mar 2023 13:48:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
182
content-type
text/html; charset=utf-8
pubmatic
um.simpli.fi/ Frame 723B
43 B
612 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 22 Mar 2023 13:48:05 GMT
sync
usr.undertone.com/userPixel/ Frame 723B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=5204265467251411098
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D8594F954-1FF8-4B9D-BDBF-B312164EED08
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8594F954-1FF8-4B9D-BDBF-B312164EED08
0
351 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8594F954-1FF8-4B9D-BDBF-B312164EED08
Protocol
H2
Server
65.9.95.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-33.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
YEFejX-mZvRQA_onzLQcat5QLx3Y-MQVgeMEXf8l8sS7JPjcx6LHwQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=8594F954-1FF8-4B9D-BDBF-B312164EED08
date
Thu, 23 Mar 2023 13:48:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generic
match.adsrvr.org/track/cmf/ Frame 723B
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
8594F954-1FF8-4B9D-BDBF-B312164EED08
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 723B
43 B
604 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8594F954-1FF8-4B9D-BDBF-B312164EED08?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:aa05:2a68:d85:3127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 723B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8594F954-1FF8-4B9D-BDBF-B312164EED08&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-w0BKX4RE2uVwPA.S7akIswVEyD.LY0E-~A&gdpr=0
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-w0BKX4RE2uVwPA.S7akIswVEyD.LY0E-~A&gdpr=0
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-w0BKX4RE2uVwPA.S7akIswVEyD.LY0E-~A&gdpr=0
date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.js
eus.rubiconproject.com/ Frame 6709
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fc376c1d9e66b8e7c17ad1232ba4e2e7b2aad9c1df51d6b217460d1b728980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 13:48:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Mar 2023 13:00:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83563
Connection
keep-alive
Content-Length
9996
Expires
Fri, 24 Mar 2023 13:00:48 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8409
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALbQcKYXBFbDYOSrmZzgfw&google_cver=1
43 B
632 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALbQcKYXBFbDYOSrmZzgfw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALbQcKYXBFbDYOSrmZzgfw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8409
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZBxYlemCjLvlgIbQ.JT25wAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKrIZaTZYn-GWiPHIdY4ooU&google_cver=1&google_hm=2
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKrIZaTZYn-GWiPHIdY4ooU&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKrIZaTZYn-GWiPHIdY4ooU&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 8409
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1E37WK58EANHJFQ3C2RH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5WTK4CDSQR00DXA4Q1FD
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 8409
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
bridge
cm.adgrx.com/ Frame 8409
43 B
283 B
Image
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-5
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 8409
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=VKPPgoZd1PFlit5
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=VKPPgoZd1PFlit5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-770-gc22eae1#rel-ec2-master i-0f98d39f03f7816e5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=VKPPgoZd1PFlit5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 8409
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827006366435
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827006366435
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433827006366435
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame 8409
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=0360459c-7016-8bef-ec83981f
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=0360459c-7016-8bef-ec83981f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Thu, 23 Mar 2023 13:48:05 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=0360459c-7016-8bef-ec83981f
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
sync
usr.undertone.com/userPixel/ Frame 8409
0
350 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-33.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
kAIiI_QXPTCq2jlHPybKyTH4gKGs9wYfJAjmmIJCEUZfQ90WAVTQWA==
usync.js
eus.rubiconproject.com/ Frame D1AF
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fc376c1d9e66b8e7c17ad1232ba4e2e7b2aad9c1df51d6b217460d1b728980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 13:48:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Mar 2023 13:00:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83563
Connection
keep-alive
Content-Length
9996
Expires
Fri, 24 Mar 2023 13:00:48 GMT
crum
dsum-sec.casalemedia.com/ Frame 75BC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5518242767990326602
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5518242767990326602
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 23 Mar 2023 13:48:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b564e786-b270-48c4-bc0d-75f385c611f6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5518242767990326602
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 75BC
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:aa05:2a68:d85:3127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ie
match.prod.bidr.io/cookie-sync/ Frame 75BC
43 B
433 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.75.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-75-92.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 75BC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=59a3641c-5896-4700-82b4-247c8ca3bccd
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=59a3641c-5896-4700-82b4-247c8ca3bccd
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 23 Mar 2023 13:48:06 GMT
Server
MT3 668 4401257 master nrt-pixel-x6 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=59a3641c-5896-4700-82b4-247c8ca3bccd
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 23 Mar 2023 13:48:05 GMT
ix
ad4m.at/ad/sim/ Frame 75BC
0
0
Image
General
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

rum
dsum-sec.casalemedia.com/ Frame 75BC
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=f43c7227-e0fb-0684-f8c1e694
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=f43c7227-e0fb-0684-f8c1e694
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

date
Thu, 23 Mar 2023 13:48:05 GMT
via
1.1 google
server
nginx/1.22.1
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=f43c7227-e0fb-0684-f8c1e694
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
casale
match.adsrvr.org/track/cmf/ Frame 75BC
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 75BC
0
191 B
Image
General
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame 75BC
0
348 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-33.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
TulLcEkc8MdfUaV7n8wQEwtwNGGZ-NtibHDuFcIGzhuP6YZD6AdEtA==
crum
dsum-sec.casalemedia.com/ Frame 6287
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5518242767990326602
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5518242767990326602
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 23 Mar 2023 13:48:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d0c294cd-1573-486e-ab6a-cd4803a97ac1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5518242767990326602
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6287
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:aa05:2a68:d85:3127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ie
match.prod.bidr.io/cookie-sync/ Frame 6287
43 B
433 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.75.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-75-92.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6287
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d487641c-5896-4700-b49e-d40d389e495f
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d487641c-5896-4700-b49e-d40d389e495f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 23 Mar 2023 13:48:06 GMT
Server
MT3 668 4401257 master nrt-pixel-x25 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=d487641c-5896-4700-b49e-d40d389e495f
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 23 Mar 2023 13:48:05 GMT
dcm
s.amazon-adsystem.com/ Frame 6287
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E1JCBGJZB856HMEZSG0F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FVPQR8GDVQ8ZBRMZDBWP
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6287
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=232454db-efbd-4464-ae64-09d583909d17
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=232454db-efbd-4464-ae64-09d583909d17
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=232454db-efbd-4464-ae64-09d583909d17
date
Thu, 23 Mar 2023 13:48:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
usermatchredir
ssum-sec.casalemedia.com/ Frame 6287
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALbQcKYXBFbDYOSrmZzgfw&google_cver=1
43 B
766 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALbQcKYXBFbDYOSrmZzgfw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALbQcKYXBFbDYOSrmZzgfw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6287
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZBxYlQADzI4hPQBB
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZBxYlQADzI4hPQBB&_test=ZBxYlQADzI4hPQBB
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZBxYlQADzI4hPQBB&_test=ZBxYlQADzI4hPQBB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-fra-eddf8230074-FRA
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1679579286.059413,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZBxYlQADzI4hPQBB&_test=ZBxYlQADzI4hPQBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
usr.undertone.com/userPixel/ Frame 6287
0
348 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZBxYlU7Z9HhLeLhvQZQdDAAABJ0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-33.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
VdxJBRPsRiwoRIDP1-XYtShgUhJAsB2N-V7ImQ5PMW-bNV_dktlfmQ==
usermatchredir
ssum-sec.casalemedia.com/ Frame C229
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZBxYlemCjLvlgIbQ-JT25wAAFCEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZBxYlemCjLvlgIbQ-JT25wAAFCEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALbQcKYXBFbDYOSrmZzgfw&google_cver=1
43 B
632 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALbQcKYXBFbDYOSrmZzgfw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEALbQcKYXBFbDYOSrmZzgfw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame C229
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlemCjLvlgIbQ-JT25wAAFCEAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlemCjLvlgIbQ-JT25wAAFCEAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlemCjLvlgIbQ-JT25wAAFCEAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CZ9FYJ9Z3HN6AW9FVR54
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ACMWN748609N919ZN229
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZBxYlemCjLvlgIbQ-JT25wAAFCEAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C229
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZBxYlUYwLTPdGSXfll9JKQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKrIZaTZYn-GWiPHIdY4ooU&google_cver=1
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKrIZaTZYn-GWiPHIdY4ooU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKrIZaTZYn-GWiPHIdY4ooU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame C229
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame C229
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZBxYlQACjp9rYAAo
85 B
171 B
Image
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZBxYlQACjp9rYAAo
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230074-FRA
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:06 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
2631
x-timer
S1679579286.059103,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
17232

Redirect headers

x-served-by
cache-fra-eddf8230074-FRA
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:06 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1679579286.916484,VS0,VE94
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZBxYlQACjp9rYAAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
ie
match.prod.bidr.io/cookie-sync/ Frame C229
43 B
433 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.75.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-75-92.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame C229
0
0
Image
General
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

crum
dsum.casalemedia.com/ Frame C229
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5518242767990326602
43 B
632 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5518242767990326602
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Thu, 23 Mar 2023 13:48:05 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.108; 80.255.7.108; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c93ca26f-09cb-4c11-8467-fa2d2d34ebfa
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=5518242767990326602
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame C229
0
346 B
Image
General
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZBxYlemCjLvlgIbQ-JT25wAAFCEAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D&s=197137&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-33.prg50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:05 GMT
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
6aTK0pU2C19eSMhkomHs2Xx4a1YXlqaazC-eaob622l9_cv6F4P1YQ==
chunk-8.30fb7753db514c8a76d8.1678138276779.js
screencrush.com/public/dist/chunks/
3 KB
1 KB
Script
General
Full URL
https://screencrush.com/public/dist/chunks/chunk-8.30fb7753db514c8a76d8.1678138276779.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) / Express
Resource Hash
12943d917f93eefe1a7a2615d714cec8ae813257eada017d8eb35fd10889dd86
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
via
1.1 varnish
age
70745
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
1192
last-modified
Tue, 07 Mar 2023 18:03:42 GMT
server
ECS (frb/6762)
etag
W/"cdd-186bd3e4ee2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3897279144 3897279133
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:48:04 GMT
chunk-13.f9c1522e8e3ca0f26a86.1678138276779.js
screencrush.com/public/dist/chunks/
28 KB
7 KB
Script
General
Full URL
https://screencrush.com/public/dist/chunks/chunk-13.f9c1522e8e3ca0f26a86.1678138276779.js
Requested by
Host: d1180od816jent.cloudfront.net.
URL: https://d1180od816jent.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.172 Granada Hills, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674B) / Express
Resource Hash
0adc883a30be13edb2265e1185cf276e397fd8941fa55d5d588036b83b000bd7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-abgroup
A
date
Thu, 23 Mar 2023 13:48:05 GMT
content-encoding
gzip
via
1.1 varnish
age
19796
x-powered-by
Express
x-cache
HIT
x-ua-device
desktop
x-device
desktop
content-length
7336
last-modified
Tue, 07 Mar 2023 18:03:36 GMT
server
ECS (frb/674B)
etag
W/"70c2-186bd3e36e5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-varnish
3909271061
cache-control
no-cache
gdpr-source
DE
accept-ranges
bytes
expires
Thu, 23 Mar 2023 13:48:04 GMT
usync.js
eus.rubiconproject.com/ Frame 4F5B
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fc376c1d9e66b8e7c17ad1232ba4e2e7b2aad9c1df51d6b217460d1b728980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 13:48:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Mar 2023 13:00:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83563
Connection
keep-alive
Content-Length
9996
Expires
Fri, 24 Mar 2023 13:00:48 GMT
usync.js
eus.rubiconproject.com/ Frame CD07
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fc376c1d9e66b8e7c17ad1232ba4e2e7b2aad9c1df51d6b217460d1b728980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 13:48:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Mar 2023 13:00:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83563
Connection
keep-alive
Content-Length
9996
Expires
Fri, 24 Mar 2023 13:00:48 GMT
usync.js
eus.rubiconproject.com/ Frame 532B
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fc376c1d9e66b8e7c17ad1232ba4e2e7b2aad9c1df51d6b217460d1b728980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 13:48:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Mar 2023 13:00:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83563
Connection
keep-alive
Content-Length
9996
Expires
Fri, 24 Mar 2023 13:00:48 GMT
usync.js
eus.rubiconproject.com/ Frame A0E8
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fc376c1d9e66b8e7c17ad1232ba4e2e7b2aad9c1df51d6b217460d1b728980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 13:48:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Mar 2023 13:00:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83563
Connection
keep-alive
Content-Length
9996
Expires
Fri, 24 Mar 2023 13:00:48 GMT
usync.js
eus.rubiconproject.com/ Frame 037A
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fc376c1d9e66b8e7c17ad1232ba4e2e7b2aad9c1df51d6b217460d1b728980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 13:48:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Mar 2023 13:00:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83563
Connection
keep-alive
Content-Length
9996
Expires
Fri, 24 Mar 2023 13:00:48 GMT
usync.js
eus.rubiconproject.com/ Frame A24C
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.83.150.103 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-150-103.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a2fc376c1d9e66b8e7c17ad1232ba4e2e7b2aad9c1df51d6b217460d1b728980

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=24856&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Thu, 23 Mar 2023 13:48:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Mar 2023 13:00:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83563
Connection
keep-alive
Content-Length
9996
Expires
Fri, 24 Mar 2023 13:00:48 GMT
demconf.jpg
dpm.demdex.net/ Frame 3E47
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Server
52.31.88.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-88-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v046-006ebecd7.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
amo7ZZVOS0c=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v046-0138048db.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
1cT74+IlTf0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
demconf.jpg
dpm.demdex.net/ Frame FAE3
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Server
52.31.88.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-88-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v046-0d7e6a16f.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
XAcJxAeZQP8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v046-0a5fb53d3.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
RTdHnny/Tr4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
demconf.jpg
dpm.demdex.net/ Frame 5B20
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Server
52.31.88.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-88-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v046-0725af682.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
pjvdde/AQfY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v046-070ee2004.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
HhxGDzNHRMk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
demconf.jpg
dpm.demdex.net/ Frame 722F
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Server
52.31.88.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-88-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v046-0e6191e5e.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
G0/E40fISAw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v046-06ec06aa6.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
BmbNyxvVQUw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=175765&dpuuid=88e967b30bdefcb17c7f59d6e59b1e43
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 20AA
402 B
989 B
Document
General
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.76.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-76-101.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Charset
utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
402
Content-Type
text/html;charset=UTF-8
Date
Thu, 23 Mar 2023 13:48:05 GMT
Instance-id
i-0dc109bc1d210bca1
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code
-1
X-Adswizz-request-id
56b85ac1-c981-11ed-ac20-065c311879e5
X-Application-Context
application:production
X-Clacks-Overhead
GNU Terry Pratchett
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame E3D3
402 B
991 B
Document
General
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.76.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-76-101.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Charset
utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
402
Content-Type
text/html;charset=UTF-8
Date
Thu, 23 Mar 2023 13:48:05 GMT
Instance-id
i-07522b1ff4389e8a5
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code
-1
X-Adswizz-request-id
56b881d0-c981-11ed-890f-068f3fc492cd
X-Application-Context
application:production
X-Clacks-Overhead
GNU Terry Pratchett
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame A668
402 B
987 B
Document
General
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.76.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-76-101.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Charset
utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
402
Content-Type
text/html;charset=UTF-8
Date
Thu, 23 Mar 2023 13:48:05 GMT
Instance-id
i-03205095e22716243
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code
-1
X-Adswizz-request-id
56b91e10-c981-11ed-9276-0266a0780dcf
X-Application-Context
application:production
X-Clacks-Overhead
GNU Terry Pratchett
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 7CEB
402 B
991 B
Document
General
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.76.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-76-101.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Charset
utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
402
Content-Type
text/html;charset=UTF-8
Date
Thu, 23 Mar 2023 13:48:05 GMT
Instance-id
i-019175422194f22ce
P3P
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
X-AdsWizz-Banner-Status-Code
-1
X-Adswizz-request-id
56b8a8e0-c981-11ed-9b56-0afd8cc6bd89
X-Application-Context
application:production
X-Clacks-Overhead
GNU Terry Pratchett
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame 20AA
9 KB
9 KB
Script
General
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-18.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 03:14:56 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
72175
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
9211
x-amz-cf-id
kiILN_QT79I5alHap47zCnGkv6FnWJOkacBrhvFutZjU9YKNQkTzzg==
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame A668
9 KB
9 KB
Script
General
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-18.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 03:14:56 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
72175
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
9211
x-amz-cf-id
Ure5N-6AdYlC3Act2v8XTOlbHknePhGlZNciWoEwyfbGl5EHR7iAiQ==
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame 7CEB
9 KB
9 KB
Script
General
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-18.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 03:14:56 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
72175
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
9211
x-amz-cf-id
viq-rguZopZLuxKIXnHUVusia8sZiBE0J0ZGHjbdI1_5Pv9-YLQP-Q==
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame E3D3
9 KB
9 KB
Script
General
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-18.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 03:14:56 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
72175
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
9211
x-amz-cf-id
Sa7vH7JAZzQXr9oDCw6jZ3Q0y7pMa7LN2PQGNoFsT9bTlksRQv8H2g==
ecm3
s.amazon-adsystem.com/ Frame 6137
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=1Kz3k2XIT1maYXDmx-sCRg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1Kz3k2XIT1maYXDmx-sCRg
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1Kz3k2XIT1maYXDmx-sCRg
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C9VP6JQR4P4JDWJB0Y9J
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=1Kz3k2XIT1maYXDmx-sCRg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6137
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDAwYzY2N2NkMDM0NDQwZGExMzRiNTM3NmM4YTQ4ODM1MzgyZTYzNg&us_privacy=1---
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDAwYzY2N2NkMDM0NDQwZGExMzRiNTM3NmM4YTQ4ODM1MzgyZTYzNg&us_privacy=1---
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDAwYzY2N2NkMDM0NDQwZGExMzRiNTM3NmM4YTQ4ODM1MzgyZTYzNg&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6137
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMNjUwMUctMTctV0c=&us_privacy=1---
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMNjUwMUctMTctV0c=&us_privacy=1---
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEZMNjUwMUctMTctV0c=&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6137
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iNjDKjaXReSym5MquVD63g&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iNjDKjaXReSym5MquVD63g
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iNjDKjaXReSym5MquVD63g
Protocol
HTTP/1.1
Server
54.239.33.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Mar 2023 13:48:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2P4Q6GHD378KXJ2VJKQA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iNjDKjaXReSym5MquVD63g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 6137
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Mar 2023 13:48:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 6137
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/G5NLAe9t2Iv6yYHwNKCjUg?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ebx76KhE2oJc_fOuoZdUaK0hX7mgcfBAVlhCdw--~A
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ebx76KhE2oJc_fOuoZdUaK0hX7mgcfBAVlhCdw--~A
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Thu, 23 Mar 2023 13:48:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-ebx76KhE2oJc_fOuoZdUaK0hX7mgcfBAVlhCdw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 6137
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPQlW2X1dVfjtmVZmTjG2Fw&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPQlW2X1dVfjtmVZmTjG2Fw&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPQlW2X1dVfjtmVZmTjG2Fw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 6137
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFL6501G-17-WG&us_privacy=1---
0
649 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFL6501G-17-WG&us_privacy=1---
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:06 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 9FE39A69609144539C704B19C743B517 Ref B: FRAEDGE2015 Ref C: 2023-03-23T13:48:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX3kYbDrZshZtlMy8PMIg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LFL6501G-17-WG&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame 6709
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776&us_privacy=1---&khaos=LFL6501G-17-WG
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame A0E8
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=24856&us_privacy=1---&khaos=LFL6501G-17-WG
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000775.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JH4B2T8ZH6&gtm=45je33k0&_p=1270926540&cid=1811574923.1679579281&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1679579281&sct=1&seg=0&dl=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&dt=Nothing%20found%20for%20Spc%20%3Fwptouch_switch%3Dmobile%26redirect%3D%20Rianhabnonbuzz%20Ml%2072screencrush660UXE&en=blogroll_impression&ep.call_sign=ScreenCrush&ep.site_classification=National&ep.genre=movies-tv&ep.market=National&ep.site_type=National&ep.tags=&ep.categories=&ep.gtm_version=52&ep.page_type=404&ep.author=&ep.publish_date=&ep.type=blogroll-inner&_et=5
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://screencrush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-GGT2X929YG&gtm=45je33k0&_p=1270926540&cid=1811574923.1679579281&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1679579281&sct=1&seg=0&dl=https%3A%2F%2Fscreencrush.com%2Fspc%2F%3Fwptouch_switch%3Dmobile%26redirect%3D%2F%2Frianhabnonbuzz.ml%2F72screencrush660UXE&dt=Nothing%20found%20for%20Spc%20%3Fwptouch_switch%3Dmobile%26redirect%3D%20Rianhabnonbuzz%20Ml%2072screencrush660UXE&en=blogroll_impression&ep.call_sign=ScreenCrush&ep.site_classification=National&ep.genre=movies-tv&ep.market=National&ep.site_type=National&ep.tags=&ep.categories=&ep.gtm_version=52&ep.page_type=404&ep.author=&ep.publish_date=&ep.type=blogroll-inner&_et=5
Requested by
Host: screencrush.com
URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://screencrush.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Mar 2023 13:48:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://screencrush.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 723B
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156725&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156725
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 13:48:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D
Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D
Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D
Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 boolean| credentialless object| TSM object| taskQ function| ga object| globalDimensionData object| dataLayer function| pushly object| PushlySDK object| googletag object| pbjs number| PREBID_TIMEOUT boolean| REQUEST_BIDS_ON_PAGE_LOAD boolean| SHOW_ADS_ON_PAGE_LOAD object| pbjsChunk object| _pbjsGlobals object| mnet object| pbjsBidderSettings object| apstag object| twttr object| ZERG object| _taboola function| dealWithAlephCount object| __INITIAL_STATE__ object| webpackChunkexpressblog object| bidLog function| initCarbon object| globalActionCreators function| fbAsyncInit function| onYtEvent object| cQ object| gapi object| ___jsl object| gaDevIds object| gaplugins object| google_tag_data object| gaGlobal object| gaData boolean| apstagLOADED object| apscustom object| _aps object| headertag object| ggeac object| google_js_reporting_queue number| PIN_19439 object| google_tag_manager object| FB string| aleph object| __twttrll object| __twttr object| TRC object| _tblConsole undefined| msg object| _comscore object| instgrm undefined| google_measure_js_timing object| google_reactive_ads_global_state object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow function| onYouTubeIframeAPIReady object| hindsight object| teads_analytics object| PIN_1679579281561 string| value object| key object| PinUtils object| __buffer function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| COMSCORE object| ns_p object| PublisherCommonId object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| ZTk3YmQ4NGE5NzRjMTFlYmxvYWRlcl9qcw== string| ZTk3YmQ4NGE5NzRjMTFlYmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt boolean| hindsight_loaded boolean| __bt_already_invoked

113 Cookies

Domain/Path Name / Value
screencrush.com/public/dist/chunks Name: gdpr-source
Value: DE
screencrush.com/internal-ad-api Name: gdpr-source
Value: DE
screencrush.com/styles/desktop Name: gdpr-source
Value: DE
screencrush.com/rest/high/api Name: gdpr-source
Value: DE
screencrush.com/spc Name: gdpr-source
Value: DE
screencrush.com/ Name: abgroup
Value: A
screencrush.com/ Name: cogitoergosum
Value: eyJsb2NhdGlvbiI6InVuZGVmaW5lZCx1bmRlZmluZWQiLCJ0aW1lc3RhbXAiOiJUaHUsIDIzIE1hciAyMDIzIDEzOjQ4OjAwIEdNVCJ9
screencrush.com/ Name: connect.sid
Value: s%3A3ArXQSs6IV5pNYFGvoaqtRiH19TUgwDP.zEBRmmcbdsZERpa7km2rwdbxvtXsvwfzvjYe4iRuHko
.screencrush.com/ Name: _gid
Value: GA1.2.1180523687.1679579281
.screencrush.com/ Name: _gat_primary
Value: 1
.screencrush.com/ Name: _gat_UA1910975335
Value: 1
.screencrush.com/ Name: _gat_UA1910975360
Value: 1
.screencrush.com/ Name: _gat_UA1150030074
Value: 1
cdn.production.townsquareblogs.com/ Name: aleph
Value: 2782d683-7bbb-54e2-87a1-d55adaba9de3
screencrush.com/ Name: blingblocksession
Value: 1
.screencrush.com/ Name: _gat_UA1150030077
Value: 1
.youtube.com/ Name: YSC
Value: 5RSjIzHS_KY
screencrush.com/ Name: aleph
Value: 2782d683-7bbb-54e2-87a1-d55adaba9de3
screencrush.com/ Name: aleph-count
Value: 1
.screencrush.com/ Name: _ga_GGT2X929YG
Value: GS1.1.1679579281.1.0.1679579281.60.0.0
.kargo.com/ Name: ktcid
Value: 2c94749e-2cba-0818-15d1-4b40b2bbbe36
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlOnWsGgPSzMzbSBXScxyMVEzxfQM1rklo7BakJLW77Q2DY15TFTB_TqNsP1OKo7eSA75EMvJd6Ea5wM6jyLlFy7
.serverbid.com/ Name: CONSUMABLEID
Value: c40b8cce15e749168b8cce15e7791657
.rubiconproject.com/ Name: khaos
Value: LFL6501G-17-WG
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qooX9Iq5wNfkANb0fGVcfL/XWaA1sYWTLGb55ZO9yeic6Lt2dwNydJqbVgc2O9NDtyG/U5FatE3LiYbB5SW5XQ3JKOvzj4NBlyma+WVcS1g3g==
.go.sonobi.com/ Name: _usd_screencrush.com
Value: 80c15831-a349-4682-bbf6-fb5a4d788f19
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uir_zt
Value: 1
.go.sonobi.com/ Name: __uir_pp
Value: 1
.go.sonobi.com/ Name: __uis
Value: 4ecfd44c-c309-4970-9801-91b0f1f04167
.go.sonobi.com/ Name: HAPLB8A
Value: s85189|ZBxYl
.screencrush.com/ Name: _pnvl_sn1M271G
Value: false
.screencrush.com/ Name: pushly.user_puuid_sn1M271G
Value: NQOQxP2cGb8zy5PRrmUuhZw5DOpX4aLM
.screencrush.com/ Name: _pndnt_sn1M271G
Value:
.screencrush.com/ Name: _dor_sn1M271G
Value: screencrush.com
.screencrush.com/ Name: _pnlspid_sn1M271G
Value: 21816
.screencrush.com/ Name: _pnss_sn1M271G
Value: dismissed
.screencrush.com/ Name: _pnpdm_sn1M271G
Value: true
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.ads.pubmatic.com/ Name: KCCH
Value: YES
.bidswitch.net/ Name: tuuid
Value: 1e9c435f-4a1f-4900-bcf2-48977a0cf439
.bidswitch.net/ Name: c
Value: 1679579285
.bidswitch.net/ Name: tuuid_lu
Value: 1679579285
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 8594F954-1FF8-4B9D-BDBF-B312164EED08
.pubmatic.com/ Name: DPSync3
Value: 1680739200%3A201_245_241_235
.advertising.com/ Name: A3
Value: d=AQABBJVYHGQCEKLO9jf-St-FMUl95qlXc_UFEgEBAQGqHWQmZAAAAAAA_eMAAA&S=AQAAAqBngiSCs25LIEep2g6oz9A
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjcwMDM2MzMxNhXiM9QNc45KtCgOdfc0CywCAOI3ldYlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjcwMDM2MzMxNhXiM9QNc45KtCgOdfc0CywCAOI3ldYlAAAA
.adnxs.com/ Name: uuid2
Value: 5518242767990326602
.pubmatic.com/ Name: pi
Value: 160318:3
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 1d02f598c44a9ca0
.casalemedia.com/ Name: CMPS
Value: 5267
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtoZm5pam5pZGFqbmy-ShSJb2ZgCAAHjyHXIAAAAA
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2aod:18z9~2aod"
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: EC1623F0274A4A8E8AAC6C87EF332C8B
.weborama.fr/ Name: AFFICHE_W
Value: wVBiOlW2MKLB17
.doubleclick.net/ Name: IDE
Value: AHWqTUk8i_lmF6Gl9dtKR_PoiAEiAlLRZfUBqMMbkDfMxUXrSXVxRwqYZAkMj-CCw7M
.quantserve.com/ Name: d
Value: EKIBCwHKKPijAA
.quantserve.com/ Name: mc
Value: 641c5895-c0566-0c32c-1770a
.de17a.com/ Name: guid
Value: 1.1026157313889103335
.screencrush.com/ Name: _ga
Value: GA1.2.1811574923.1679579281
.adform.net/ Name: uid
Value: 5204265467251411098
.w55c.net/ Name: wfivefivec
Value: VKPPgoZd1PFlit5
.yahoo.com/ Name: A3
Value: d=AQABBJVYHGQCENOGOK6gSSiyK4vL9LBEdFkFEgEBAQGqHWQmZAAAAAAA_eMAAA&S=AQAAAk8Ld179lsmJU2_mCt-NL3c
.w55c.net/ Name: matchcasale
Value: 5
.casalemedia.com/ Name: CMID
Value: ZBxYlemCjLvlgIbQ.JT25wAA
.casalemedia.com/ Name: CMPRO
Value: 5153
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-PCss1T8nJIMnfC2DPCkwhmksL9UnLiqBOn6dutHQ&KRTB&19420-PCss1T8nJIMnfC2DPCkwhmksL9UnLiqBOn6dutHQ&KRTB&22979-PCss1T8nJIMnfC2DPCkwhmksL9UnLiqBOn6dutHQ&KRTB&23462-PCss1T8nJIMnfC2DPCkwhmksL9UnLiqBOn6dutHQ
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEM71_wIW-rwMihzMKD5cbEU&KRTB&22987-CAESEM71_wIW-rwMihzMKD5cbEU&KRTB&23025-CAESEM71_wIW-rwMihzMKD5cbEU&KRTB&23386-CAESEM71_wIW-rwMihzMKD5cbEU
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1026157313889103335
.brand-display.com/ Name: _knxq_
Value: f43c7227-e0fb-0684-f8c1e694.1679579285.0.1679579285.1679579285
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZBxYlQADzI4hPQBB
.undertone.com/ Name: UID_EXT_56
Value: y-8QLfdvFE2uEOFaW.bx3cAAWIKbUxAmmqsUpj4JI-~A
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5204265467251411098&KRTB&23263-5204265467251411098
.pubmatic.com/ Name: PugT
Value: 1679579286
.pubmatic.com/ Name: SyncRTB3
Value: 1680739200%3A8_54_71_21_7_56_251_220_13_161%7C1680393600%3A63%7C1680134400%3A15_223%7C1680825600%3A35
.creative-serving.com/ Name: tuuid
Value: 9ba7a2fd-6ed2-479b-a969-107a272598c6
.creative-serving.com/ Name: c
Value: 1679579286
.creative-serving.com/ Name: tuuid_lu
Value: 1679579286
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:06f7641c-5895-4500-85cf-73dd9689e9f4&KRTB&16736-uid:06f7641c-5895-4500-85cf-73dd9689e9f4&KRTB&23019-uid:06f7641c-5895-4500-85cf-73dd9689e9f4&KRTB&23114-uid:06f7641c-5895-4500-85cf-73dd9689e9f4
.go.sonobi.com/ Name: HAPLB8S
Value: s8550|ZBxYm
.mfadsrvr.com/ Name: tuuid
Value: 8abdd9b2-73f2-4107-96ae-610aabaaf1f2
.mfadsrvr.com/ Name: c
Value: 1679579286
.mfadsrvr.com/ Name: tuuid_lu
Value: 1679579286
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
ads.avct.cloud/ Name: uuid
Value: 99bf374f-1fb3-4467-b5af-d5d45266af55
.audrte.com/ Name: arcki2
Value: b5cPVKMIY8HTbKCNj-aPnCXzw!20220908!1679579286087!ip#80.255.7.108
.audrte.com/ Name: arcki2_pubmatic
Value: 8594F954-1FF8-4B9D-BDBF-B312164EED08!20220908!1679579286091
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1679579286
.pubmatic.com/ Name: SPugT
Value: 1679579285
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-1e9c435f-4a1f-4900-bcf2-48977a0cf439
.audrte.com/ Name: arcki2_ddp2
Value: b5cPVKMIY8HTbKCNj-aPnCXzw!20220908!1679579286297
.undertone.com/ Name: UID_EXT_57
Value: ZBxYlemCjLvlgIbQ-JT25wAAFCEAAAAB
pool.admedo.com/ Name: tuuid
Value: b5a2a99c-fbd6-4e1e-9551-7e07299a288b
pool.admedo.com/ Name: c
Value: 1679579286
pool.admedo.com/ Name: tuuid_lu
Value: 1679579286
.amazon-adsystem.com/ Name: ad-id
Value: A4ehlB6K8UAwmkZi_Iha5UE
.dpm.demdex.net/ Name: dpm
Value: 55387720670876985342706228856433815382
.demdex.net/ Name: demdex
Value: 55387720670876985342706228856433815382
.mathtag.com/ Name: uuid
Value: d487641c-5896-4700-b49e-d40d389e495f
.audrte.com/ Name: arcki2_adform
Value: 5204265467251411098!20220908!1679579286466
.undertone.com/ Name: UID_EXT_53
Value: 8594F954-1FF8-4B9D-BDBF-B312164EED08

4 Console Messages

Source Level URL
Text
network error URL: https://screencrush.com/spc/?wptouch_switch=mobile&redirect=//rianhabnonbuzz.ml/72screencrush660UXE
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8594F954-1FF8-4B9D-BDBF-B312164EED08&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.teads.tv
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
action.dstillery.com
action.media6degrees.com
ad-delivery.net
ad.doubleclick.net
ad4m.at
ads.avct.cloud
ads.creative-serving.com
ads.pubmatic.com
ads.yieldmo.com
ap.lijit.com
apex.go.sonobi.com
api.btloader.com
api.rlcdn.com
apis.google.com
as-sec.casalemedia.com
assets.pinterest.com
at.teads.tv
bh.contextweb.com
btloader.com
c.amazon-adsystem.com
c1.adform.net
cdn.adswizz.com
cdn.p-n.io
cdn.production.townsquareblogs.com
cdn.taboola.com
cdn.undertone.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
cr.frontend.weborama.fr
d1180od816jent.cloudfront.net.
d5p.de17a.com
delivery-cdn-cf.adswizz.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
eb2.3lift.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g2.gumgum.com
gum.criteo.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
js-sec.indexww.com
k.p-n.io
krk.kargo.com
log.pinterest.com
match.adsrvr.org
match.prod.bidr.io
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
platform.instagram.com
platform.twitter.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.analytics.google.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
sb.scorecardresearch.com
screencrush.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssl.gstatic.com
ssum-sec.casalemedia.com
static.solutionshindsight.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.colossusssp.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.serverbid.com
sync.smartadserver.com
synchrobox.adswizz.com
synchroscript.deliveryengine.adswizz.com
syndication.twitter.com
tlx.3lift.com
token.rubiconproject.com
townsquare.media
townsquaremedia-d.openx.net
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
www.youtube.com
x.bidswitch.net
x.serverbid.com
sync.colossusssp.com
103.229.205.243
104.107.242.211
104.111.217.42
104.18.11.47
104.18.24.185
104.18.25.185
104.244.42.8
104.83.150.103
108.138.1.25
13.32.121.37
13.32.99.18
130.211.23.194
142.250.185.198
142.250.186.162
147.75.85.234
151.101.1.44
151.101.192.84
151.101.2.49
159.89.246.130
162.19.138.83
178.250.0.163
18.156.42.225
18.64.141.81
185.64.189.112
185.64.190.79
185.64.190.80
185.80.39.216
185.86.138.154
185.89.210.141
185.89.210.180
192.229.233.172
192.229.233.181
192.229.233.218
193.0.160.131
198.148.27.139
198.47.127.19
198.47.127.20
2.18.235.93
2001:4860:4802:34::36
213.155.156.184
216.52.2.16
23.35.236.201
23.56.202.187
2600:9000:2127:7000:8:56fe:be40:21
2600:9000:223c:3c00:1f:2473:9080:93a1
2602:803:c003:200::51
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:bd1
2606:4700:20::ac43:4513
2606:4700:20::ac43:4686
2606:4700::6812:16ea
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200d
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:811::2008
2a00:1450:4001:827::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:400c:c07::9b
2a02:2638:3::c
2a02:26f0:3500:887::1931
2a02:fa8:8806:16::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f21c:81e5:face:b00c:0:4420
2a05:d018:d29:3601:aa05:2a68:d85:3127
3.120.195.75
3.120.95.6
3.123.59.105
3.124.212.222
3.225.32.203
3.33.220.150
3.71.149.231
34.107.148.139
34.111.129.221
34.111.131.239
34.111.151.213
34.120.133.55
34.91.62.186
34.95.69.49
34.95.81.168
35.186.253.211
35.210.53.219
35.244.159.8
37.157.6.254
51.89.9.254
52.19.84.36
52.212.209.85
52.214.119.157
52.214.75.92
52.31.88.82
52.46.143.56
52.58.124.102
54.195.76.101
54.228.6.120
54.235.69.38
54.239.33.159
54.93.71.93
63.35.247.169
65.9.95.106
65.9.95.33
65.9.95.6
65.9.95.85
65.9.99.209
69.166.1.12
69.166.1.15
69.173.144.139
69.173.144.165
72.251.241.196
76.223.111.18
8.43.72.98
88.221.169.49
98.98.134.242
01739260e772adfbffa7b62c6116b97fb1dfac703bc926c86de1637e41974cef
018a24a216c8b79ec9bd916f259073ff71a854d805b6a9c48c7323e2fc44caa3
0252363cfd6418a89d40c6f8552fcfb414973234e4e8833b91e79f3c011efd79
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
056402395b15f9f69b3eb9177664f4632bb055c46c2444f36a6f3fd9f4e2511c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0811773ffd84a055df48ca0ce91c5f9d12a80194098d270cffc98147f11736c9
09d23b69155c0f0a464570ca5d8793528a94a2dc673a09313b077c2fc91d4f73
0adc883a30be13edb2265e1185cf276e397fd8941fa55d5d588036b83b000bd7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d05aa7fda69e5a6629806fe1b77d18eb6ce5a777eed211f77b51b728f62b4a6
109c05b8137b27c41b811f3da07369468f9a4ca8507df86c6e0e192325235906
12943d917f93eefe1a7a2615d714cec8ae813257eada017d8eb35fd10889dd86
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
14eef337c83a9f91a3c90958581f6b4dddc38c462970ba046b8a540beb490870
14f1438ef653c04f79b676b4146f6aa4b68ca9ef3c1165c337b5d76f0b3a1fb1
167d0a056a868a9a3b731d81a18980f1f7cc31f113014133edccd1645afc6b32
16ee4ff5945079334aa2a15238761bda72faa34e55db581e9bbca4ab3735301c
17c048bfb0138677a5774ee0301b7858b6d3fa8620fcaf62b6b81a0b5a37996a
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
190f26b6ca8a373b93ebb537988f426953885e75816de2ef852f03f63a71e4c0
1a7eefdf598c9192044b770b3c7aca913cc5715039a70b2d7ab5cafa7b1f55eb
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c9d18ee433b19af3a646c6f1604d36c0b957840a73eec918cf67b01bc40aff4
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d9a291757ca2c611ebd90212efaaa0f2ce53908cbcb5ed6679b671c3a9f0c16
1dfdbee98b262621960d3b06baabd805283cd8256d3ae541f6b3c0def4c02a92
1fa1ecedd36b7da37e29238663118c6537843f58cae89bbb7bd750f9afdaa1b1
2016cb21d1321750fceeaa3f97f51cd55d786f6f8514c59a7580e4e299be2686
20889ee539efd5ccba44da580df740e52fcee1f3ea8276e5fc1aff8c7ef05b93
20b9d85a65e5afc88a160db257ac3ca230e444f5b668fe7f1b96e32ae65c98dc
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
229ddc02054f87718673c4948d6c801859ba1c4944633088224ae23336641ad6
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
24015e87dffbcb2aff83c109e1bb04da370a79c6a2a54b008dcf4a501db4473a
25c86d215a934f4f28aac2a1354156b5f5507a75fcc54c96922f85218f75d6db
295275b4ed33d154c7f1ee12b4cadefe52bb73b0ae10710e36c9f51dd0ff63b7
2962c93750c8aa352c52532315c935b5949deef67b1f8c41a6ff1578a8a34b82
2a19f79bd2859fb1dffdd7c8643dc5e58fc7a9b7fb493d68359f400c420467b3
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f05bce2182c7e2220a013e488c47167ea1de7091b68128e0eb66e278aacb2d2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3400c27c9329fc2805aa324d61c60db41f90c338450da456b31cde72fd83122c
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
35b40571cb93ec4112a4d4817befd4f307c3ee69fcc2b2488df8d4c5ba0532c1
36bced00ad2eb076fb2a014fe3b188d2959b3a090cf0eb298327f75b7ac5a15c
374de9468ecc666958cc68f9556aad13f86f5041b5f5d3780497b027adcf2187
38e1e6c680ef39235e64726496ece6b39355e5fb5d2ff9f94881393427ef9d67
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3e554f3bc1680849172835f886e4509f5a12501456292c5f956a5bcfaa83d728
3e7d038de793c3bea61d998788604d6a76f558efa082ed58a04e5677dfb4fc2b
3e9b699efbada06bdb20a707f49176109c3d13ba7937afb97fb97eeacaae9bd9
3f693dec37b26106f4ea14c34c3213bd28a94857e878aa278c63b4f78e5225cd
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448bf7d2721b0d116937b586b88ba7a3008edaa9a4bfaf254f4a3d73ae5587f0
45e0345cbc1807d727d6e621e844d9a95c1a2c180951cb26449a53c5d45bb95d
464324cb16407d597cc1b6b88302232a3ecb49f37c9623d798ad12fb6ac86f11
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4922b514984f94ca921b6ec5d5d451de1fa18b1c4de0f3657ab17f5374650687
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50ef13eb647e2b617ea60665e2961fe019bd9045c00b2a3c47bdc9236dab9aaa
54e622f705cc3af05b1e15808a79be54377b85934b401744d49c616c45ad363e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a3233a579da50ea2aabd916df328d3a4450c41924c7f2ccf8bbfaf4daa581a0
5df2498d566a9c0c42fef5906f0818a35cfc4ce1cac95e1e0eed4265c838eb10
6527ce1fef693d10573453134bc4a2e44c6e35248fee2426716a57e48ccb8c07
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6fa031e2604f8c454f5975f1451a613815695e469525449d7af45ef198b6b8ee
702b45f2aa4ae71f0c91143e74391247b622ffb9971752a04d0e8a0a295df209
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73a147ae450a66402be107fd6f6d46d12f5df31fb22ea4dddc9bcc42c06de09e
743ec374ade43546c4bbbed1458ba9481d03834d6dd3e74c4aeafe0a776ade33
74abb43f6279aef526852fda03591a9d61c01b88048fbbdc34cf5540b9dbcfa6
75807caaed3d3515900c83fe448815d7ce424692b99dfb8a6e54a85635448abc
7591ee21704a922a3dcaea04873344a8f4f5a2ec33239184b1bc88b0fa7e5083
76748e02d119c4ba80576b2d306e1f216aa6d7c33ad5842f7f3092cd10b7567f
776790d4ed2b451c80afcfbfef87830e756e224717a224cd79a4685234975157
787c0728e67cac0b6183ff5934311be7677c5e7301261a46672699bf29ae0221
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7d70692cac884866a6bfc2255a19c7e3fff39c69a5882e708fcd2a599de02c97
7f9921b1bfb6c284642ae04465bdf3aadffa380b55617fd4f4dab2cf25c4ef55
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82cb810a8d8f5dd9b5aa168bc380a360d644969bd9e6dc39995debe964418398
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
865627ca9de67b472d856ed840ffd693c9dc5a2bebac886c3c59c6a7a6ebec7a
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88bbc4ebfcf9a284985af6d84ff1e7cf313314a72ba1e327a8c7ece5d476a621
8a3bf102b192cf0b8a06ea1a89a8beacc51a64059c2b98d995054bbcb6e287f2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dab8e1efd6eccf763e362ee81b36e8c76d55e9471413fea11fa73ee8241c76f
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8e44786cf165cc2704d5206ed17d6c6f9e1286b8c2ad1892a105208bf72ad89e
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
918f1fdc3c4127d0272d1f3aff75791333c98119ba57b965774f8d847b7752f3
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
92abfa02948c61520e4497857195f280b5ff78e5f3783fd50dd736f338b55c3f
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
93c49eb7a1b379a2eaed44b734895c41b2b8d2c2709c4f9630ac7ee719e6dfb7
96d98fa2fdfa3030045ee2fd6419d5c4dc3b81cd2d2fb393f517101897175b8f
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
992826b176584df60085eba2f256765f56eab1c8e61dbaa12581829fc657c734
9b5dc86b5231184ab7648138dd9ae86cc03cadedb51bfcdbe8c855ba8de8d518
9fcde0003e8ba1c46265f4ec62b8e3fe8ef319d53c939862bd65afac52ee9886
a00ea2b109201b63ed58354dbf97508412d4bdfbb0725b8c8b2357d69e4b91af
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a12e5839bee50279e4b804e234f9b59d5ce94ff958341f64d56fbb5ca4832714
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5
a296023a180e4ffaa92ee13db4384b04b986c8d8ccb047946e1a7217473aa676
a2afc49e960bc79438574c3b3fe1ffcd377067e57fbc9909da12fd02ae9f55d9
a2fc376c1d9e66b8e7c17ad1232ba4e2e7b2aad9c1df51d6b217460d1b728980
a36cf3227b8a2818257b14e77c942b4a364d2d39c9e0db246f81d79a833f62af
a6027f08af190d950299bfeaef9224db25e3e684d7f250577527c7b92889d439
a6c73a03dc02abde16f105eb0ab4f624075e1ea82e650f6b60df652b29fed690
aa5fd8ee6e27901a03c902884af8efed8af1b8afc8101aef87e44a9c8dc5abde
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
acf80af758efd9badc67bd14a3ea03f357c66ccb5532514ec356318d6c6ab742
ad2ef6c02a4368f01e9a300b742cbd38689e4076a9383fa81bf4b3250aeab20c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8c297067bf45604161019f2901ebe90a40e6b8c6c0a4e12328598b49b1f5ba4
b9846e2517780667dabbe6bd01551d1616f7b4c9c41519f6dfa3a09ed78c9119
bb1cc21e247d8fd887e42444a586793d7ef95f34358399f4cca21a30c5687f84
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c022178cd168183fa92ad8679edbef4b30d6d1dd3f42fdf79594df32d119e27a
c1f87b6ebedfe2a978cb946c520baf745f8e3a4b47c690f9c7b353a84f7b53ca
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c47456b9566b0f3776e0645e7b885b9c9b6ac9bf06140689165306ea1d5db1a1
c50eaadf493bbe08f956c23483326f2d1d6329691da25ee611ccad5d36c063cf
c6fe6523750e542e1f5a877b311acc915d85ccc9938a2edf7db330fbaae14715
c7f0196e14733ac08f4e968b8edb36771a018f4a2e8d3c7a279627c44260cdd8
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c95b914e03c58641ddce10559aca88ec677bb6e66ea8b667130811d340143b09
cdad86c6c48439f0d708965a6006f6df82d87d242f5cbadd497bff916baaabcd
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
cdde337ccd239c82acdf867448c976cf998b4e6eb6d0414babde3ba82f514786
ce7d1e5a84d4109ae07bb4b1135f041a6b9bb3fa32dee020a2fbccb3908bea9d
cf2086397a5d0d6d9c67e72d0dce0c0e734c9867e3cf6c1dd529b1fd22713393
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb02ca5280925d98c8e89e1b58e1cd680e6ccc1529dcf74c049b43a153cbc61
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d67a85dad8ec48546000be4776533595f7f224f7fe7ecae8e4f719e3fef8748c
d69b4856c064a3d481301694c8adc94ffef9d13cc2194098b47bedf555b1becb
d6a33bb44443b50c8fc56d8dcfb725edfdb0860b9870c8caf49cc61f5fa3c265
d7fcfcf5dc79ede5660d2719ce39bda8551e26781a550b416dda18fc2550fb9b
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9a7517e138a924d16140fbc534bd50783da481206bdfeaa84f64888ce9f9c2e
da3c1db08c464d38bc2f27b488d36d0b389c8e9c8e45ae1ef6ec8e137715a69c
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dc2fd9d659522306153c27c31a5482cfe8ba2714a12d63a5b69961a38a6ee832
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df74e35033acf829919c64034c8a31b5d57dc065cb90909280fffcd98fede333
e26c65690d3eb8102487ae9efa4e9bc770225affacb451ba740ad4ecd6068db6
e2a0143e97e54f1a46cb76a95c4feaf0ed0570ca5f327ae018eb78e79ec9dbb1
e317d72184f175517e5c71273b70cc53d88e1bf4887e3fac1c1c7e448f83b323
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e455c9481ab43afb3fe882d539f47ad82eb560651f6c68a99f4dfb8ff4249d88
e74fc9882fd1b046474630282635991e5aa59cb761302f13d7a304c1a3bae89b
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e81cba87ee29acd5dd790a9704e2baa2aec7cf116b8ce61c031ac43bd38c5082
ec3930c3e916897bc11719c0b11ccbad1e2cbd064d0b298383d5336d71f8884c
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd0be33f9092f48675b10fb43ca7a99a99b16ce8231327b542509502ed21a50
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
f173bffef77f251b9bea649b2ac1ce118c9b1daf0fc812bf22cba42a3a7bc293
f21e20915944dce99072b1798e257fa6021c798d9b927db2dbd5c9f375fb0233
f23a9152d3a1e3d35f8221b5fefde2b762439140dede20024f93ea1cb4829c44
f424fd6b84ca54b61c2ce567aded547e6ef8c6a0807b095e02b2a2b9c3789bbe
f4f014cb74f3b341e5b43171bf87d57f3a7b878653f4a164d966cd6eea535a82
f557eace0ab7f5c416209ea3b01c21e6bb36e52bb87b8e1ddc762c9b4ad2f94f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5b14a7fa2512bf3e7ce4d5ffb290da77abc80819ea2bb739ba95e160cd7a091
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f89bd4b22bec83d52910af69cae0f2e72af710392c5fa79f65aa663da05455
fa756a3bacb547d3f599d6c669b925ef35e907ac484b7bf300081926d3991e55
ff5ea258236f7d8a01da27a71705b23b236f71c4dbf485a09550832bdc6a9267
fff4071eb0bead4bed72ef86e072159a4a62cc1cd4bb4237425e1616dd4fb8aa
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2