www.upi.com Open in urlscan Pro
2606:4700::6812:120a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.metimes.com/
Effective URL:
https://www.upi.com/
Submission: On December 03 via manual (December 3rd 2024, 10:11:41 am UTC) from AU — Scanned from AU

Summary HTTP 205 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 95 IPs in 12 countries across 59 domains to perform 205 HTTP transactions. The main IP is 2606:4700::6812:120a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.upi.com. The Cisco Umbrella rank of the primary domain is 256790.
TLS certificate: Issued by WE1 on October 11th 2024. Valid for: 3 months.

This is the only time www.upi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.178.59 172.67.178.59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2606:4700::68... 2606:4700::6812:120a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4006:804::200a	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:813::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	204.16.247.177 204.16.247.177	20326 (TERASWITCH) (TERASWITCH)
2	18.65.244.113 18.65.244.113	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:221... 2600:9000:2215:8a00:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
6	142.250.199.99 142.250.199.99	15169 (GOOGLE) (GOOGLE)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	44.199.159.192 44.199.159.192	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1 5	172.217.24.34 172.217.24.34	15169 (GOOGLE) (GOOGLE)
2	108.158.20.76 108.158.20.76	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800e... 2620:116:800e:21:a878:7c6e:cf7b:3362	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:440... 2606:4700:4400::6812:21b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.158.28.226 108.158.28.226	16509 (AMAZON-02) (AMAZON-02)
1	35.213.7.90 35.213.7.90	15169 (GOOGLE) (GOOGLE)
4 4	35.80.102.85 35.80.102.85	16509 (AMAZON-02) (AMAZON-02)
2	44.235.123.73 44.235.123.73	16509 (AMAZON-02) (AMAZON-02)
3	162.19.138.118 162.19.138.118	16276 (OVH OVH SAS) (OVH OVH SAS)
1	2406:6e00:f04... 2406:6e00:f048:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
1 3	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	44.231.120.165 44.231.120.165	16509 (AMAZON-02) (AMAZON-02)
2	72.247.223.184 72.247.223.184	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2406:2600:7:1... 2406:2600:7:100::24	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	104.254.148.252 104.254.148.252	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.221.133.105 23.221.133.105	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.158.65 69.173.158.65	26667 (RUBICONPR...) (RUBICONPROJECT)
1	207.65.33.78 207.65.33.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
6	174.138.117.240 174.138.117.240	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
8	52.74.95.248 52.74.95.248	16509 (AMAZON-02) (AMAZON-02)
1	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	44.225.145.61 44.225.145.61	16509 (AMAZON-02) (AMAZON-02)
1	18.67.93.113 18.67.93.113	16509 (AMAZON-02) (AMAZON-02)
1	3.0.107.214 3.0.107.214	16509 (AMAZON-02) (AMAZON-02)
1	108.158.32.72 108.158.32.72	16509 (AMAZON-02) (AMAZON-02)
1	108.158.35.170 108.158.35.170	16509 (AMAZON-02) (AMAZON-02)
1	23.38.131.47 23.38.131.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.158.32.17 108.158.32.17	16509 (AMAZON-02) (AMAZON-02)
1	104.18.28.101 104.18.28.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:34ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.35.210.115 13.35.210.115	16509 (AMAZON-02) (AMAZON-02)
1	159.223.128.170 159.223.128.170	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2404:6800:400... 2404:6800:4006:810::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:277... 2600:9000:277c:7a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.228.141.68 13.228.141.68	16509 (AMAZON-02) (AMAZON-02)
1 20	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	98.82.156.207 98.82.156.207	14618 (AMAZON-AES) (AMAZON-AES)
3	54.68.191.138 54.68.191.138	16509 (AMAZON-02) (AMAZON-02)
1	13.35.147.98 13.35.147.98	16509 (AMAZON-02) (AMAZON-02)
1	18.155.192.5 18.155.192.5	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.65 141.95.98.65	16276 (OVH OVH SAS) (OVH OVH SAS)
3	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.148.15.86 54.148.15.86	16509 (AMAZON-02) (AMAZON-02)
3 3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	67.199.150.86 67.199.150.86	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.196.98 142.250.196.98	15169 (GOOGLE) (GOOGLE)
2 2	54.253.214.62 54.253.214.62	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:df2:a300... 2001:df2:a300:bbbb::136	6336 (TURN-US-ASN) (TURN-US-ASN)
1 1	2607:f350:1:2... 2607:f350:1:2569:0:10:0:c	27630 (AS-XFERNET) (AS-XFERNET)
1	2604:a880:400... 2604:a880:400:d0::252f:1001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2404:6800:400... 2404:6800:4006:804::2001	15169 (GOOGLE) (GOOGLE)
2	2406:2600:7:1... 2406:2600:7:100::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4008:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:81d::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.220.99 216.58.220.99	15169 (GOOGLE) (GOOGLE)
2	18.65.244.97 18.65.244.97	16509 (AMAZON-02) (AMAZON-02)
2	51.195.127.115 51.195.127.115	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.73.113 51.195.73.113	16276 (OVH OVH SAS) (OVH OVH SAS)
1	135.125.146.86 135.125.146.86	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.73.82 51.195.73.82	16276 (OVH OVH SAS) (OVH OVH SAS)
1	135.125.146.82 135.125.146.82	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.34.220 51.195.34.220	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.34.222 51.195.34.222	16276 (OVH OVH SAS) (OVH OVH SAS)
1	135.125.140.162 135.125.140.162	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.34.255 51.195.34.255	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.127.100 51.195.127.100	16276 (OVH OVH SAS) (OVH OVH SAS)
1	135.125.146.80 135.125.146.80	16276 (OVH OVH SAS) (OVH OVH SAS)
2	51.195.126.30 51.195.126.30	16276 (OVH OVH SAS) (OVH OVH SAS)
1	51.195.115.36 51.195.115.36	16276 (OVH OVH SAS) (OVH OVH SAS)
1	135.125.145.78 135.125.145.78	16276 (OVH OVH SAS) (OVH OVH SAS)
7	172.217.175.14 172.217.175.14	15169 (GOOGLE) (GOOGLE)
1	142.251.42.162 142.251.42.162	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:826::2001	15169 (GOOGLE) (GOOGLE)
1 2	172.217.26.230 172.217.26.230	15169 (GOOGLE) (GOOGLE)
1	142.250.199.98 142.250.199.98	15169 (GOOGLE) (GOOGLE)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
1	23.221.133.65 23.221.133.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.221.132.242 23.221.132.242	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.223.2.229 52.223.2.229	() ()
1 1	34.210.155.102 34.210.155.102	() ()
1	54.188.228.126 54.188.228.126	() ()
1	2404:6800:400... 2404:6800:4004:822::2003	() ()
205	95

1 172.67.178.59 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.metimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700::6812:120a (United States)

ASN13335 (CLOUDFLARENET, US)

www.upi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnph.upi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:804::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:813::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.16.247.177 (Pittsburgh, United States)

ASN20326 (TERASWITCH, US)
PTR: dns.nextdns.io

play.libsyn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.65.244.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-113.syd3.r.cloudfront.net

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2215:8a00:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.199.99 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.199.159.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-159-192.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.24.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.158.20.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-76.syd62.r.cloudfront.net

abcheck.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800e:21:a878:7c6e:cf7b:3362 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:21b2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.vidazoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.158.28.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-28-226.syd3.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.213.7.90 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 90.7.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.80.102.85 (Boardman, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-80-102-85.us-west-2.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.235.123.73 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-123-73.us-west-2.compute.amazonaws.com

usync.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:6e00:f048:1fa::2000 (Sydney, Australia)

ASN10310 (YAHOO-1, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.193.51 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.231.120.165 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-120-165.us-west-2.compute.amazonaws.com

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.223.184 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a72-247-223-184.deploy.static.akamaitechnologies.com

pxdrop.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::24 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.254.148.252 (Los Angeles, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.221.133.105 (Rehovot, Israel)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-133-105.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.33.78 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 174.138.117.240 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

prebid.cootlogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.74.95.248 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-95-248.ap-southeast-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.225.145.61 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-145-61.us-west-2.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.93.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-113.syd62.r.cloudfront.net

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.0.107.214 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-107-214.ap-southeast-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.32.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-72.syd3.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.35.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-35-170.syd3.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.38.131.47 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-131-47.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.32.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-17.syd3.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.101 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.210.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-210-115.sin2.r.cloudfront.net

cdn.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.223.128.170 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

wserver.vidazoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4006:810::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:277c:7a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.228.141.68 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-141-68.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:10::6816:545 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seg.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.82.156.207 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-156-207.compute-1.amazonaws.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.68.191.138 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-191-138.us-west-2.compute.amazonaws.com

events.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-98.syd1.r.cloudfront.net

yield-manager.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.192.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-192-5.sfo53.r.cloudfront.net

eb.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3216659.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
proton.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.15.86 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-15-86.us-west-2.compute.amazonaws.com

ids4.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.199.150.86 (Singapore, Singapore) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.196.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.253.214.62 (Sydney, Australia) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-253-214-62.ap-southeast-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:df2:a300:bbbb::136 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:1:2569:0:10:0:c (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2604:a880:400:d0::252f:1001 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

bis3.vidazoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:4006:804::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)

21ae7d89aebe0cf72e909854c5dacee5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c07::9d (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81d::2002 (Australia)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.220.99 (United States)

ASN15169 (GOOGLE, US)
PTR: syd10s01-in-f99.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.65.244.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-97.syd3.r.cloudfront.net

ai.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.195.127.115 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip115.ip-51-195-127.eu

d0.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d5.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.73.113 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip113.ip-51-195-73.eu

d1.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.146.86 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip86.ip-135-125-146.eu

d2.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.73.82 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip82.ip-51-195-73.eu

d3.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.146.82 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip82.ip-135-125-146.eu

d4.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.34.220 (Jordan)

ASN16276 (OVH OVH SAS, FR)
PTR: ip220.ip-51-195-34.eu

d5.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.34.222 (Jordan)

ASN16276 (OVH OVH SAS, FR)
PTR: ip222.ip-51-195-34.eu

d6.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.140.162 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip162.ip-135-125-140.eu

d7.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.34.255 (Jordan)

ASN16276 (OVH OVH SAS, FR)
PTR: ip255.ip-51-195-34.eu

d0.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.127.100 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip100.ip-51-195-127.eu

d1.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.146.80 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip80.ip-135-125-146.eu

d2.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.195.126.30 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ip30.ip-51-195-126.eu

d3.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d6.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.115.36 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip36.ip-51-195-115.eu

d4.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.145.78 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip78.ip-135-125-145.eu

d7.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.175.14 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s18-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.42.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:826::2001 (Australia)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.26.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bom05s09-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.199.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

propermedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (San Francisco, United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.221.133.65 (Rehovot, Israel)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-133-65.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.221.132.242 (Rehovot, Israel)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-132-242.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.2.229 (None, )

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.210.155.102 (None, ) 1 redirects

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.188.228.126 (None, )

ASN- ()

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:822::2003 (None, )

ASN- ()

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	ad.gt 1 redirects id.hadron.ad.gt — Cisco Umbrella Rank: 1519 a.ad.gt — Cisco Umbrella Rank: 1619 p.ad.gt — Cisco Umbrella Rank: 1714 ids.ad.gt — Cisco Umbrella Rank: 1557 ids4.ad.gt — Cisco Umbrella Rank: 2415 pixels.ad.gt — Cisco Umbrella Rank: 1708 seg.ad.gt — Cisco Umbrella Rank: 1984 proton.ad.gt — Cisco Umbrella Rank: 4167	21 KB
20	upi.com www.upi.com — Cisco Umbrella Rank: 256790 cdnph.upi.com — Cisco Umbrella Rank: 241416	692 KB
11	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695 analytics.google.com — Cisco Umbrella Rank: 142	73 KB
11	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 cm.g.doubleclick.net — Cisco Umbrella Rank: 284 stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182 ad.doubleclick.net — Cisco Umbrella Rank: 145	281 KB
9	browsiprod.com cdn.browsiprod.com — Cisco Umbrella Rank: 5520 events.browsiprod.com — Cisco Umbrella Rank: 4902 yield-manager.browsiprod.com — Cisco Umbrella Rank: 5460 ai.browsiprod.com — Cisco Umbrella Rank: 7257	107 KB
9	lijit.com 5 redirects ce.lijit.com — Cisco Umbrella Rank: 973 pxdrop.lijit.com — Cisco Umbrella Rank: 4260 ap.lijit.com — Cisco Umbrella Rank: 780	46 KB
9	proper.io global.proper.io — Cisco Umbrella Rank: 12487 abcheck.proper.io — Cisco Umbrella Rank: 13518 usync.proper.io — Cisco Umbrella Rank: 15107 bids.proper.io — Cisco Umbrella Rank: 13088 eb.proper.io — Cisco Umbrella Rank: 14459	167 KB
8	eu-4-id5-sync.com d0.eu-4-id5-sync.com — Cisco Umbrella Rank: 57105 d1.eu-4-id5-sync.com — Cisco Umbrella Rank: 57373 d2.eu-4-id5-sync.com — Cisco Umbrella Rank: 58097 d3.eu-4-id5-sync.com — Cisco Umbrella Rank: 57383 d4.eu-4-id5-sync.com — Cisco Umbrella Rank: 57824 d5.eu-4-id5-sync.com — Cisco Umbrella Rank: 57185 d6.eu-4-id5-sync.com — Cisco Umbrella Rank: 58098 d7.eu-4-id5-sync.com — Cisco Umbrella Rank: 57106	1 KB
8	eu-3-id5-sync.com d0.eu-3-id5-sync.com — Cisco Umbrella Rank: 57497 d1.eu-3-id5-sync.com — Cisco Umbrella Rank: 57409 d2.eu-3-id5-sync.com — Cisco Umbrella Rank: 57844 d3.eu-3-id5-sync.com — Cisco Umbrella Rank: 56793 d4.eu-3-id5-sync.com — Cisco Umbrella Rank: 56713 d5.eu-3-id5-sync.com — Cisco Umbrella Rank: 57122 d6.eu-3-id5-sync.com — Cisco Umbrella Rank: 57000 d7.eu-3-id5-sync.com — Cisco Umbrella Rank: 57620	1 KB
8	googlesyndication.com 21ae7d89aebe0cf72e909854c5dacee5.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 173	47 KB
8	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1591	23 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 347 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687 aax.amazon-adsystem.com — Cisco Umbrella Rank: 468 s.amazon-adsystem.com — Cisco Umbrella Rank: 337	95 KB
7	gstatic.com fonts.gstatic.com csi.gstatic.com	139 KB
6	cootlogix.com prebid.cootlogix.com — Cisco Umbrella Rank: 3406	7 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 527	104 KB
5	vidazoo.com static.vidazoo.com — Cisco Umbrella Rank: 6234 wserver.vidazoo.com — Cisco Umbrella Rank: 11486 bis3.vidazoo.com — Cisco Umbrella Rank: 13412	49 KB
4	pubmatic.com 2 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 494 image2.pubmatic.com — Cisco Umbrella Rank: 886 ads.pubmatic.com — Cisco Umbrella Rank: 570	837 B
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 281 secure.adnxs.com — Cisco Umbrella Rank: 495 acdn.adnxs.com — Cisco Umbrella Rank: 643	4 KB
4	33across.com 1 redirects lexicon.33across.com — Cisco Umbrella Rank: 1453 cdn-ima.33across.com — Cisco Umbrella Rank: 1329	7 KB
4	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 533 cdn.id5-sync.com — Cisco Umbrella Rank: 1004	31 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 470	1 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 377	2 KB
3	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 505 token.rubiconproject.com — Cisco Umbrella Rank: 500 eus.rubiconproject.com — Cisco Umbrella Rank: 616	38 KB
3	openx.net 1 redirects rtb.openx.net — Cisco Umbrella Rank: 552 propermedia-d.openx.net — Cisco Umbrella Rank: 41001	578 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 793	30 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 262	1 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1010 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026	13 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 551 eb2.3lift.com	11 KB
2	teads.tv a.teads.tv — Cisco Umbrella Rank: 1737 sync.teads.tv — Cisco Umbrella Rank: 1684	492 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1536 pixel.quantserve.com — Cisco Umbrella Rank: 1059	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1313	104 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	206 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 96	20 B
1	google.com.au www.google.com.au — Cisco Umbrella Rank: 30241	63 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 915	665 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1126	442 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946	294 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1552	2 KB
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1791	12 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1120	17 KB
1	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 1527	645 B
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 496	569 B
1	media.net prebid.media.net — Cisco Umbrella Rank: 1005	1 KB
1	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 949	13 KB
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 548	707 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 393	183 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1656	201 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255	76 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1941	15 KB
1	libsyn.com play.libsyn.com — Cisco Umbrella Rank: 80433
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1618	53 KB
1	metimes.com 1 redirects www.metimes.com	702 B
0	eyeota.net Failed ps.eyeota.net Failed
0	zqtk.net Failed aps.zqtk.net Failed
0	Failed function sub() { [native code] }. Failed
0	sharethrough.com Failed btlr.sharethrough.com Failed
0	advertising.com Failed pixel.advertising.com Failed
205	59

	Domain	Requested by
17	cdnph.upi.com	www.upi.com
10	fundingchoicesmessages.google.com	cadmus.script.ac
9	ids.ad.gt	1 redirects www.upi.com
8	g2.gumgum.com	global.proper.io
7	p.ad.gt	cadmus.script.ac p.ad.gt
6	prebid.cootlogix.com	global.proper.io
6	fonts.gstatic.com	fonts.googleapis.com
5	cdn.ampproject.org	cadmus.script.ac
5	ce.lijit.com	4 redirects cadmus.script.ac
5	securepubads.g.doubleclick.net	1 redirects cadmus.script.ac www.upi.com
4	21ae7d89aebe0cf72e909854c5dacee5.safeframe.googlesyndication.com	cadmus.script.ac
3	tpc.googlesyndication.com	www.upi.com
3	pixel.tapad.com	3 redirects
3	match.adsrvr.org	3 redirects
3	events.browsiprod.com	cdn.browsiprod.com
3	cdn.browsiprod.com	cadmus.script.ac
3	lexicon.33across.com	1 redirects www.upi.com cdn-ima.33across.com
3	id5-sync.com	global.proper.io cadmus.script.ac cdn.id5-sync.com
3	c.amazon-adsystem.com	cadmus.script.ac c.amazon-adsystem.com
3	static.vidazoo.com	cadmus.script.ac static.vidazoo.com
3	www.upi.com	www.upi.com
2	propermedia-d.openx.net	1 redirects cadmus.script.ac
2	ad.doubleclick.net	1 redirects www.upi.com
2	ai.browsiprod.com	cdn.browsiprod.com
2	static.criteo.net	cadmus.script.ac static.criteo.net
2	seg.ad.gt	p.ad.gt
2	dpm.demdex.net	2 redirects
2	cm.g.doubleclick.net	www.upi.com
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	a.ad.gt	cadmus.script.ac p.ad.gt
2	s.amazon-adsystem.com	1 redirects cadmus.script.ac
2	id.hadron.ad.gt	cdn.hadronid.net
2	ap.lijit.com	1 redirects global.proper.io
2	pxdrop.lijit.com	cadmus.script.ac
2	bids.proper.io	global.proper.io
2	usync.proper.io	www.upi.com
2	abcheck.proper.io	www.upi.com
2	www.google-analytics.com	cadmus.script.ac
2	global.proper.io	cadmus.script.ac
2	i.clean.gg	cadmus.script.ac
2	www.googletagmanager.com	www.upi.com cadmus.script.ac
2	fonts.googleapis.com	www.upi.com cadmus.script.ac
1	csi.gstatic.com	pagead2.googlesyndication.com
1	eb2.3lift.com	cadmus.script.ac
1	ads.pubmatic.com	cadmus.script.ac
1	eus.rubiconproject.com	cadmus.script.ac
1	sync.teads.tv	cadmus.script.ac
1	acdn.adnxs.com	cadmus.script.ac
1	www.googleadservices.com	www.upi.com
1	pagead2.googlesyndication.com	cadmus.script.ac
1	d7.eu-4-id5-sync.com	cadmus.script.ac
1	d6.eu-4-id5-sync.com	cadmus.script.ac
1	d5.eu-4-id5-sync.com	cadmus.script.ac
1	d4.eu-4-id5-sync.com	cadmus.script.ac
1	d3.eu-4-id5-sync.com	cadmus.script.ac
1	d2.eu-4-id5-sync.com	cadmus.script.ac
1	d1.eu-4-id5-sync.com	cadmus.script.ac
1	d0.eu-4-id5-sync.com	cadmus.script.ac
1	d7.eu-3-id5-sync.com	cadmus.script.ac
1	d6.eu-3-id5-sync.com	cadmus.script.ac
1	d5.eu-3-id5-sync.com	cadmus.script.ac
1	d4.eu-3-id5-sync.com	cadmus.script.ac
1	d3.eu-3-id5-sync.com	cadmus.script.ac
1	d2.eu-3-id5-sync.com	cadmus.script.ac
1	d1.eu-3-id5-sync.com	cadmus.script.ac
1	d0.eu-3-id5-sync.com	cadmus.script.ac
1	proton.ad.gt	cadmus.script.ac
1	www.google.com.au	www.upi.com
1	td.doubleclick.net	cadmus.script.ac
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	cadmus.script.ac
1	pixels.ad.gt	cadmus.script.ac
1	bis3.vidazoo.com	static.vidazoo.com
1	sync.go.sonobi.com	1 redirects
1	d.turn.com	1 redirects
1	token.rubiconproject.com	www.upi.com
1	ids4.ad.gt	www.upi.com
1	lb.eu-1-id5-sync.com	cadmus.script.ac
1	eb.proper.io	global.proper.io
1	yield-manager.browsiprod.com	cdn.browsiprod.com
1	pixel.quantserve.com	www.upi.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	rules.quantcount.com	cadmus.script.ac
1	wserver.vidazoo.com	static.vidazoo.com
1	cdn.id5-sync.com	cadmus.script.ac
1	cdn.hadronid.net	cadmus.script.ac
1	cdn-ima.33across.com	cadmus.script.ac
1	tags.crwdcntrl.net	cadmus.script.ac
1	secure.cdn.fastclick.net	cadmus.script.ac
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	cadmus.script.ac
1	tlx.3lift.com	global.proper.io
1	hb.yellowblue.io	global.proper.io
1	htlb.casalemedia.com	global.proper.io
1	hbopenbid.pubmatic.com	global.proper.io
1	fastlane.rubiconproject.com	global.proper.io
1	a.teads.tv	global.proper.io
1	prebid.media.net	global.proper.io
1	ib.adnxs.com	global.proper.io
1	rtb.openx.net	global.proper.io
1	bidder.criteo.com	global.proper.io
1	ups.analytics.yahoo.com	global.proper.io
1	x.bidswitch.net	cadmus.script.ac
1	secure.quantserve.com	cadmus.script.ac
1	ping.chartbeat.net	www.upi.com
1	maxcdn.bootstrapcdn.com	www.upi.com
1	static.chartbeat.com	cadmus.script.ac
1	play.libsyn.com	www.upi.com
1	cadmus.script.ac	www.upi.com
1	www.metimes.com	1 redirects
0	ps.eyeota.net Failed	www.upi.com
0	aps.zqtk.net Failed	www.upi.com
0	truncated Failed
0	btlr.sharethrough.com Failed	global.proper.io
0	pixel.advertising.com Failed	cadmus.script.ac
205	116

This site contains links to these domains. Also see Links.

Domain
about.upi.com
sovrn.com

Subject Issuer	Validity	Valid
upi.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
upload.video.google.com WE2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
script.ac E5	`2024-10-19` - `2025-01-17`	3 months	crt.sh
i.clean.gg WR3	`2024-10-27` - `2025-01-25`	3 months	crt.sh
*.libsyn.com Sectigo ECC Organization Validation Secure Server CA	`2024-07-10` - `2025-08-10`	a year	crt.sh
*.proper.io Amazon RSA 2048 M02	`2024-04-15` - `2025-05-14`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
*.g.doubleclick.net WE2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
quantserve.com R11	`2024-10-22` - `2025-01-20`	3 months	crt.sh
vidazoo.com WE1	`2024-10-29` - `2025-01-27`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M03	`2024-11-19` - `2025-12-18`	a year	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-29` - `2025-02-23`	3 months	crt.sh
id5-sync.com E6	`2024-11-11` - `2025-02-09`	3 months	crt.sh
sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-11-22` - `2025-05-21`	6 months	crt.sh
cert2-prod.aut.a24365.net R11	`2024-11-04` - `2025-02-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
prebid.media.net WR3	`2024-12-02` - `2025-03-02`	3 months	crt.sh
teads.tv R10	`2024-11-25` - `2025-02-23`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
*.cootlogix.com Starfield Secure Certificate Authority - G2	`2024-10-13` - `2025-10-13`	a year	crt.sh
sp-ad-exch-prd-two-eks.prd.eks.sp.adexchange.gumgum.com Amazon RSA 2048 M02	`2024-04-05` - `2025-05-04`	a year	crt.sh
casalemedia.com E6	`2024-10-13` - `2025-01-11`	3 months	crt.sh
*.lijit.com Amazon RSA 2048 M03	`2024-09-18` - `2025-10-18`	a year	crt.sh
*.yellowblue.io Amazon RSA 2048 M03	`2024-03-18` - `2025-04-16`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2024-08-07` - `2025-08-07`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-30`	a year	crt.sh
hadronid.net WE1	`2024-11-22` - `2025-02-20`	3 months	crt.sh
*.browsiprod.com Amazon RSA 2048 M03	`2024-11-14` - `2025-12-12`	a year	crt.sh
*.vidazoo.com Sectigo RSA Domain Validation Secure Server CA	`2024-03-12` - `2025-04-03`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
lexicon.33across.com WR3	`2024-11-02` - `2025-01-31`	3 months	crt.sh
id.hadron.ad.gt WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2024-04-24` - `2025-04-17`	a year	crt.sh
eu-1-id5-sync.com R11	`2024-11-11` - `2025-02-09`	3 months	crt.sh
a.ad.gt WE1	`2024-10-05` - `2025-01-03`	3 months	crt.sh
p.ad.gt WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
ids.ad.gt WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.ad.gt Amazon RSA 2048 M02	`2024-03-10` - `2025-04-08`	a year	crt.sh
pixels.ad.gt WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
seg.ad.gt WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-29` - `2025-02-25`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com.au WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
proton.ad.gt WE1	`2024-11-05` - `2025-02-03`	3 months	crt.sh
eu-3-id5-sync.com E6	`2024-11-11` - `2025-02-09`	3 months	crt.sh
eu-4-id5-sync.com E5	`2024-11-11` - `2025-02-09`	3 months	crt.sh
misc-sni.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
tpc.googlesyndication.com WE2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2024-04-08` - `2025-05-09`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.upi.com/
Frame ID: 563FDDFD9C1FBFBE431C7A550FBE6EC8
Requests: 169 HTTP requests in this frame

Frame: https://play.libsyn.com/embed/episode/id/34247785/height/192/theme/modern/size/large/thumbnail/yes/custom-color/136a9f/time-start/00:00:00/hide-playlist/yes/font-color/FFFFFF
Frame ID: DD6CEE0E7DD15506D2C6C8BA654C9378
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.1601.860&cid=c026&cls=admgmt
Frame ID: 62D6B4F2AB806AF1C086F1263CE09609
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_n-baidu_n-nativo_3lift&dcc=t
Frame ID: 6276D7271689E11F6FFAD8A7575ABB27
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 870F23596DEBF6F414A92B2DE8AB1A00
Requests: 1 HTTP requests in this frame

Frame: https://21ae7d89aebe0cf72e909854c5dacee5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 25C29930BE5DA11F192D19445FE2F60A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-FVWZ0RM4DH&gacid=856184941.1733220692&gtm=45je4bk0v9116367008za200&dma=0&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=816117958
Frame ID: FF9277FDE59BB599AAB3D55698C22B13
Requests: 1 HTTP requests in this frame

Frame: https://proton.ad.gt/join-ad-interest-groups.html
Frame ID: B7772EBE264F86136E0A072158DCF60C
Requests: 1 HTTP requests in this frame

Frame: https://21ae7d89aebe0cf72e909854c5dacee5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0E6FFD70D78C6294091A44780CDDCB68
Requests: 1 HTTP requests in this frame

Frame: https://21ae7d89aebe0cf72e909854c5dacee5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BA1D0B0336422ACB8A2489AEB2CC3826
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012406252034000/amp4ads-v0.mjs
Frame ID: 2D11A938F6060FC14D9B46509183CC16
Requests: 15 HTTP requests in this frame

Frame: https://21ae7d89aebe0cf72e909854c5dacee5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B8A3C483B665A547401C0629C5A5AEE9
Requests: 1 HTTP requests in this frame

Frame: https://propermedia-d.openx.net/w/1.0/pd?cc=1&&
Frame ID: 9C722F79813A4E06C5B59BCE2685DC17
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DD062759EF39411F86C9A5933A9C361F
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Frame ID: 9FA7E8FA7AB1BDE8CD74A149F7EF89BF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&_t=Tue%20Dec%2003%202024%2018:11:32%20GMT+0800%20(Australian%20Western%20Standard%20Time)
Frame ID: 7852CBA6EA991C531460B10CE90351BA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C89E7A655FAF728A3D3F38D06C72F9E9
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 99414A67261BFE6A7FA26CC27761BECE
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13412165&_t=Tue%20Dec%2003%202024%2018:11:33%20GMT+0800%20(Australian%20Western%20Standard%20Time)
Frame ID: 04755D3D7C7E6A6BAD8E5A57D09DB333
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Top News, Latest headlines, Latest News, World News & U.S News - UPI.com

Page URL History Show full URLs

https://www.metimes.com/ HTTP 301
https://www.upi.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

205
Requests

90 %
HTTPS

26 %
IPv6

59
Domains

116
Subdomains

95
IPs

12
Countries

2393 kB
Transfer

6196 kB
Size

158
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://about.upi.com/
Title: About UPI

Search URL Search Domain Scan URL

URL: https://about.upi.com/contact/
Title: Contact

Search URL Search Domain Scan URL

URL: https://about.upi.com/contact/corrections
Title: Corrections

Search URL Search Domain Scan URL

URL: https://about.upi.com/contact/advertising/
Title: Advertisements

Search URL Search Domain Scan URL

URL: https://about.upi.com/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://about.upi.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://sovrn.com/?ref=ms-sticky

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.metimes.com/ HTTP 301
https://www.upi.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://ce.lijit.com/merge?pid=263069&3pid=8573852b-6d25-4d99-9272-6278287e6ed5&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn_instream%26proper_uid%3D8573852b-6d25-4d99-9272-6278287e6ed5%26uid%3D%5BSOVRNID%5D&&callback=window.proper_2ecfea50_922e577f_3 HTTP 302
https://ce.lijit.com/merge?pid=263069&3pid=8573852b-6d25-4d99-9272-6278287e6ed5&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn_instream%26proper_uid%3D8573852b-6d25-4d99-9272-6278287e6ed5%26uid%3D%5BSOVRNID%5D&callback=window.proper_2ecfea50_922e577f_3&dnr=1 HTTP 302
https://usync.proper.io/v1/usersync?bidder=sovrn_instream&proper_uid=8573852b-6d25-4d99-9272-6278287e6ed5&uid=JxOjARZHSKg2KXRUSnmrWvcX

Request Chain 44

https://ce.lijit.com/merge?pid=263069&3pid=8573852b-6d25-4d99-9272-6278287e6ed5&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn_outstream%26proper_uid%3D8573852b-6d25-4d99-9272-6278287e6ed5%26uid%3D%5BSOVRNID%5D&&callback=window.proper_09b814db_953f0385_4 HTTP 302
https://ce.lijit.com/merge?pid=263069&3pid=8573852b-6d25-4d99-9272-6278287e6ed5&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn_outstream%26proper_uid%3D8573852b-6d25-4d99-9272-6278287e6ed5%26uid%3D%5BSOVRNID%5D&callback=window.proper_09b814db_953f0385_4&dnr=1 HTTP 302
https://usync.proper.io/v1/usersync?bidder=sovrn_outstream&proper_uid=8573852b-6d25-4d99-9272-6278287e6ed5&uid=JxOjARZHSKg2KXRUSnmrWvcX

Request Chain 47

https://lexicon.33across.com/v1/envelope?pid=0013300001qHaOGAA0&src=pbjs&ver=8.7.0&_t=Tue%20Dec%2003%202024%2018:11:32%20GMT+0800%20(Australian%20Western%20Standard%20Time) HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0013300001qHaOGAA0&src=pbjs&ver=8.7.0&_t=Tue%20Dec%2003%202024%2018:11:32%20GMT+0800%20(Australian%20Western%20Standard%20Time)&b=1&tp=nEk81wsErvd%2BW82C6NhZvVNr2qZfmHQ9MR3VMxHDMQQ%3D

Request Chain 102

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_n-baidu_n-nativo_3lift HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_n-baidu_n-nativo_3lift&dcc=t

Request Chain 115

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&adnxs_id=$UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001733220694-R3AJ1CJX-D9QJ%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&adnxs_id=5026676596621795076&gdpr=0

Request Chain 116

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=f7c9fd7d-6960-4110-a217-428d06484f04&id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ

Request Chain 117

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001733220694-R3AJ1CJX-D9QJ HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001733220694-R3AJ1CJX-D9QJ HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=8A515A70-B61B-4A3A-BD82-ACAA10A336C6&id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ

Request Chain 119

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001733220694-R3AJ1CJX-D9QJ%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001733220694-R3AJ1CJX-D9QJ%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a5b855d8-ca41-4ac1-9a54-0d7bba2b6889%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001733220694-R3AJ1CJX-D9QJ%252526tapad_id%25253Da5b855d8-ca41-4ac1-9a54-0d7bba2b6889%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f7c9fd7d-6960-4110-a217-428d06484f04&ttd_puid=a5b855d8-ca41-4ac1-9a54-0d7bba2b6889%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001733220694-R3AJ1CJX-D9QJ%2526tapad_id%253Da5b855d8-ca41-4ac1-9a54-0d7bba2b6889%2C HTTP 302
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&tapad_id=a5b855d8-ca41-4ac1-9a54-0d7bba2b6889

Request Chain 121

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczMzIyMDY5NC1SM0FKMUNKWC1EOVFK

Request Chain 122

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001733220694-R3AJ1CJX-D9QJ HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001733220694-R3AJ1CJX-D9QJ HTTP 302
https://ids.ad.gt/api/v1/adb_match?adb=87131684920857892474432386366920120951&id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ

Request Chain 123

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001733220694-R3AJ1CJX-D9QJ HTTP 302
https://ids.ad.gt/api/v1/amo_match?turn_id=4210054937772327184&id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ

Request Chain 124

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&uid=[UID]&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&uid=9b41cd6c-8834-469c-b90c-09a6973870d3&gdpr=0

Request Chain 186

https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.388207684;dc_trk_aid=579571654;dc_trk_cid=210028420;ord=1033399074;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.388207684;dc_pre=CLC1kp-ui4oDFUtRwgUdiccsxg;dc_trk_aid=579571654;dc_trk_cid=210028420;ord=1033399074;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1

Request Chain 187

https://securepubads.g.doubleclick.net/pagead/adview?ai=CnyTCVtlOZ-_fA4PFjMwP0PjNgAbZsbWWe7f5yrOrEq4CEAEg2Oq2IGCluJqAnAGgAdL4y-IDyAEJ4AIAqAMByAMKqgShAk_QwSqXs0Vs5l1CaPcRLINjPhSwiE8eTcqqv0FetCDZSvxOKM618M2M43FhGJEnZN2XUINg2SQfB6OpMGwRSs1K1yY21oFLkzRz38h-uoT_YKghwIfXzt2DFG_49v8OzVz5wWRK9EmO1Pax6ccURdj26or_avGQqIwx98RtlsqlXwRCCsd17kuHv0_1izLFGgmNxH5R6zvV2Hf2KQLfJ83OYT6LlF-xncgKkBFne7erPmwIDV0c4IXzq-yRNr1N8QQp6qPh06_GRuGqx8Y6eUOcLlE8L9ZqOOn7oggR-U8ph1gnaT6VByrMLo2g4EuvPir4rTa-2Dxc8Fp2dF-7ecfNcELSzOwb4kkgqxzXmL47MQkWBW8wWMLY4PZWvffl1KbABImou464AuAEAYgFo9X4rh6gBi6AB4GI1kOoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcEEOehEtIIJgiAYRABGB0yAooCOguAQIDAgICAoKiAAki9_cE6WJWgo56ui4oDmgkpaHR0cHM6Ly93d3cuc3F1YXJlc3BhY2UuY29tLz9nYWRfc291cmNlPTWACgPICwHaDBAKChDQyezKqtj4q2kSAgED4g0TCNHho56ui4oDFYMigwMdUHwTYOoNEwj1zqSerouKAxWDIoMDHVB8E2DYEwPQFQGAFwGyFyAKHAgAEhRwdWItNjYxMDgwMjYwNDA1MTUyMxjQnBIYAboXAjgBshgJEgLlWRguIgEA0BgB&sigh=EHm9pnMGM80&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSYACa7L7dRFH3iYjs3tmn4s4vNYLr24FgX49_rY5-36DHAtAQznRG57HS_gt9lIJctD0p8_JCp6y0TAG3aiYSGre3HMoOUW379QPzGRGwOqiAdHqAkPV9Z6r54LkYJTC6_RgB&template_id=5000&ebtr=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf0d4ed770f24e9ee0000000000000000%22,%222%22:%220x5d4b83c834f80b700000000000000000%22,%223%22:%220xb7853d02431226920000000000000000%22,%224%22:%220x8c251809e655a71a0000000000000000%22,%225%22:%220x2a7dcd23c68955a30000000000000000%22},%22debug_key%22:%227815273449501077921%22,%22debug_reporting%22:true,%22destination%22:%22https://squarespace.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221012071506%22],%2222%22:[%22true%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225158004066114372497%22}&andc=true

Request Chain 197

https://id5-sync.com/i/445/8.gif?o=api&id5id=ID5*AIsz7S_l4ymYTbiGftrFQ6G1Ti-Noe0bcFLxTaUyv6ve9gPT9Mfj_F9_uRQuWN3n&gdpr_consent=undefined&gdpr=false HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F445%2F10%2F7%2F2.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/445/10/7/2.gif?puid=1477490157425142451&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=f7c9fd7d-6960-4110-a217-428d06484f04&ttl=%%TTL%% HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F445%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/445/108/5/4.gif?puid=a5b855d8-ca41-4ac1-9a54-0d7bba2b6889&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F445%2F112%2F4%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/445/112/4/5.gif?puid=9ADE310F7E8A275&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/445/2/3/6.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/445/2/3/6.gif?puid=5026676596621795076&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F445%2F123%2F2%2F7.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D

Request Chain 198

https://propermedia-d.openx.net/w/1.0/pd?& HTTP 302
https://propermedia-d.openx.net/w/1.0/pd?cc=1&&

Request Chain 204

https://ap.lijit.com/beacon?informer=13412165&_t=Tue%20Dec%2003%202024%2018:11:33%20GMT+0800%20(Australian%20Western%20Standard%20Time) HTTP 302
https://ce.lijit.com/beacon?informer=13412165&_t=Tue%20Dec%2003%202024%2018:11:33%20GMT+0800%20(Australian%20Western%20Standard%20Time)

205 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.upi.com/
Redirect Chain

https://www.metimes.com/
https://www.upi.com/

310 KB
86 KB

87ms
33ms

Document
text/html

2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

826a989e6e27d5a642c0cb26430d8d8c400c833bcd6e6d1097101ea5f39c60d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	'SAMEORIGIN'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 60
cache-control: max-age=60, stale-while-revalidate=60, stale-if-error=1209600
cf-cache-status: HIT
cf-ray: 8ec2c5e5dc05ec7f-ADL
content-encoding: gzip
content-security-policy: frame-ancestors frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Tue, 03 Dec 2024 10:11:30 GMT
expires: Tue, 03 Dec 2024 10:11:29 GMT
last-modified: Tue, 03 Dec 2024 10:10:30 GMT
pragma: public
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding,User-Agent
x-frame-options: 'SAMEORIGIN'

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ec2c5e20eed8664-PER
content-type: text/html; charset=UTF-8
date: Tue, 03 Dec 2024 10:11:30 GMT
location: https://www.upi.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f29yrItCt0Pr97KjN%2BdavJFigdqJrdAsaUVjWvDPe%2FGoSOD9JBtVXx10Gr8p8wRkAgx6DmJDyOMWEm%2FHkBiCGaXuQDpS%2BbSDUj%2FIGDu1HBHlQVwV6DoCAN%2ByfCCXdA%2BsN%2B4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=47248&min_rtt=47145&rtt_var=7522&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4152&recv_bytes=4487&delivery_rate=387&cwnd=12000&unsent_bytes=0&cid=0ecbbe6062f807ca&ts=583&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding,User-Agent

GET
H2 200 site.v1667398212.css
www.upi.com/inc/css/ 171 KB
25 KB 33ms
33ms Stylesheet
text/css 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upi.com/inc/css/site.v1667398212.css?fp=1&ss=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33bd5f1fdbcd6f3009cd1fe51b125ce3b770b846be8105b4f0f401edf6ef2c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=51840000
content-encoding: gzip
cf-cache-status: HIT
pragma: public
age: 723940
cf-ray: 8ec2c5e63c82ec7f-ADL
expires: Wed, 12 Nov 2025 20:30:56 GMT
date: Tue, 03 Dec 2024 10:11:30 GMT
content-type: text/css;charset=UTF-8
vary: Accept-Encoding,User-Agent
server: cloudflare
last-modified: Fri, 22 Mar 2024 20:30:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 324ms
144ms Stylesheet
text/css 2404:6800:4006:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700&display=swap

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

836a224af188d2ebfee90a271b25baded165ec6f898c4e173ce3df443bb460f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 10:11:31 GMT
alt-svc: h3=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:31 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 03 Dec 2024 10:11:31 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 340 KB
111 KB 583ms
196ms Script
application/javascript 2404:6800:4004:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BWJ5YG01BR

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

077edbe4918e41b03f363d6c701046b146b61f9bc38e28350f1084d3016354ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 03 Dec 2024 10:11:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 113187
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 script.js Show response
cadmus.script.ac/d3terveqlssriz/ 150 KB
53 KB 360ms
305ms Script
application/javascript 2606:4700::6812:1791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 984b187e0c9eccf1b4430d4102464c71d8f768bfddbba40e6a453dc98234e64c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
content-encoding: gzip
etag: W/"b4d5c70927e9e544616c1053975bea57b5fa6ed7"
age: 0
cf-ray: 8ec2c5e6de6c3e6f-ADL
date: Tue, 03 Dec 2024 10:11:31 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Mon, 02 Dec 2024 22:47:03 GMT

GET
H2 200 Delaware-judge-again-rules-against-Tesla-paying-Elon-Musk-56B-package.jpg
cdnph.upi.com/related/3981733218212/1/v1.2/3df6ed7ad021ab2017f4dd091aef83bd/upi/ 38 KB
38 KB 1136ms
1131ms Image
image/jpeg 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/3981733218212/1/v1.2/3df6ed7ad021ab2017f4dd091aef83bd/upi/Delaware-judge-again-rules-against-Tesla-paying-Elon-Musk-56B-package.jpg

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d740a42c59fddbfe811ef28fa82189044959cce0bfc5d5b281605e1406f32c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=34560000
cf-cache-status: MISS
pragma: public
cf-ray: 8ec2c5e68cd0ec7f-ADL
expires: Wed, 07 Jan 2026 10:11:31 GMT
accept-ranges: bytes
content-length: 39013
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: image/jpeg
last-modified: Tue, 03 Dec 2024 09:38:06 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 US-unveils-news-rules-banning-China-from-semiconductor-technology.jpg
cdnph.upi.com/related/3981733218212/2/v1.2/1964340ac760f4c49d55efb7c7eb1396/upi/ 31 KB
32 KB 1208ms
1204ms Image
image/jpeg 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/3981733218212/2/v1.2/1964340ac760f4c49d55efb7c7eb1396/upi/US-unveils-news-rules-banning-China-from-semiconductor-technology.jpg

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a11168af079617eb83746731b45d55b24a108b277938f85ee379bea743236b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=34560000
cf-cache-status: MISS
pragma: public
cf-ray: 8ec2c5e68ccfec7f-ADL
expires: Wed, 07 Jan 2026 10:11:31 GMT
accept-ranges: bytes
content-length: 32143
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: image/jpeg
last-modified: Tue, 03 Dec 2024 09:32:37 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 President-elect-Trump-to-attend-reopening-of-Paris-Notre-Dame-Cathedral.jpg
cdnph.upi.com/related/3981733218212/3/v1.2/8a0e7996c4a42448bbd0fec2cb678943/upi/ 29 KB
29 KB 1209ms
1208ms Image
image/jpeg 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/3981733218212/3/v1.2/8a0e7996c4a42448bbd0fec2cb678943/upi/President-elect-Trump-to-attend-reopening-of-Paris-Notre-Dame-Cathedral.jpg

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f2f3e73a5158ede7a20b6056b8a45dc19d4ccf382de0370eaf96e23064d30da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=34560000
cf-cache-status: MISS
pragma: public
cf-ray: 8ec2c5e8efa4ec7f-ADL
expires: Wed, 07 Jan 2026 10:11:32 GMT
accept-ranges: bytes
content-length: 29856
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: image/jpeg
last-modified: Tue, 03 Dec 2024 09:32:37 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 FDNY-Manhattan-apartment-fire-kills-1-injures-6-firefighters.jpg
cdnph.upi.com/related/3981733218212/4/v1.2/17332177986164/i/ 48 KB
48 KB 1411ms
1410ms Image
image/jpeg 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/3981733218212/4/v1.2/17332177986164/i/FDNY-Manhattan-apartment-fire-kills-1-injures-6-firefighters.jpg

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18f183b67d358849f0b4808bf8f900319903371e93c994fbea8053e39fb85e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=34560000
cf-cache-status: MISS
pragma: public
cf-ray: 8ec2c5e8efa5ec7f-ADL
expires: Wed, 07 Jan 2026 10:11:32 GMT
accept-ranges: bytes
content-length: 49402
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: image/jpeg
last-modified: Tue, 03 Dec 2024 09:32:37 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 Vietnamese-court-upholds-death-sentence-of-real-estate-tycoon-Truong-My-Lan.jpg
cdnph.upi.com/related/3981733218212/5/v1.2/4ca75e77ee45270c53db395c14bf0735/upi_com/ 38 KB
38 KB 1107ms
1106ms Image
image/jpeg 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/3981733218212/5/v1.2/4ca75e77ee45270c53db395c14bf0735/upi_com/Vietnamese-court-upholds-death-sentence-of-real-estate-tycoon-Truong-My-Lan.jpg

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd20f4d03cbec8c337d62ff15bf83b07110199df3cd7eef422da0733228587d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=34560000
cf-cache-status: MISS
pragma: public
cf-ray: 8ec2c5e8efa6ec7f-ADL
expires: Wed, 07 Jan 2026 10:11:32 GMT
accept-ranges: bytes
content-length: 39040
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: image/jpeg
last-modified: Tue, 03 Dec 2024 09:33:34 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 clear.gif
www.upi.com/img/ 42 B
233 B 31ms
30ms Image
image/gif 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upi.com/img/clear.gif

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=864000, public, must-revalidate
cf-cache-status: HIT
etag: "2a-4c1e08307bc80"
age: 437835
cf-ray: 8ec2c5e8efa7ec7f-ADL
accept-ranges: bytes
content-length: 42
date: Tue, 03 Dec 2024 10:11:31 GMT
content-type: image/gif
last-modified: Thu, 07 Jun 2012 11:52:02 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 Jill-Biden-presents-2024-White-House-Holiday-decorations.jpg
cdnph.upi.com/related/7541733169664/1/v1.5/399ca39c5bf464c494a15c0926dd2378/upi/ 105 KB
106 KB 46ms
45ms Image
image/jpeg 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/7541733169664/1/v1.5/399ca39c5bf464c494a15c0926dd2378/upi/Jill-Biden-presents-2024-White-House-Holiday-decorations.jpg?lg=3

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ff3a504a43dc24f931fd24b40b2ea079027b4c971a002e9e8b87daa63aed4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=34560000
cf-bgj: h2pri
pragma: public
cf-cache-status: HIT
cf-ray: 8ec2c5e8efa9ec7f-ADL
expires: Tue, 06 Jan 2026 20:46:07 GMT
accept-ranges: bytes
content-length: 107813
date: Tue, 03 Dec 2024 10:11:31 GMT
content-type: image/jpeg
last-modified: Mon, 02 Dec 2024 20:02:03 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 Ted-Danson-loves-comedy-drama-of-Man-on-the-Inside.jpg
cdnph.upi.com/related/9921732199413/1/v1.2/6e2f5e29a224f1e0b2fc8d74c7b8b8e6/upi/ 15 KB
15 KB 30ms
29ms Image
image/jpeg 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/9921732199413/1/v1.2/6e2f5e29a224f1e0b2fc8d74c7b8b8e6/upi/Ted-Danson-loves-comedy-drama-of-Man-on-the-Inside.jpg?rc=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d2c99a28434f9d50ca6014759ddde35492fdfff42f22c63a3ab0cef3540588c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=34560000
cf-bgj: h2pri
pragma: public
age: 757767
cf-cache-status: HIT
cf-ray: 8ec2c5e94830ec7f-ADL
expires: Mon, 29 Dec 2025 15:42:04 GMT
accept-ranges: bytes
content-length: 14859
date: Tue, 03 Dec 2024 10:11:31 GMT
content-type: image/jpeg
last-modified: Thu, 21 Nov 2024 14:32:19 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 Why-pressure-to-tip-might-make-customers-less-likely-to-return.jpg
cdnph.upi.com/related/8491733151097/1/v1.2/17331509192928/i/ 16 KB
16 KB 56ms
56ms Image
image/jpeg 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/related/8491733151097/1/v1.2/17331509192928/i/Why-pressure-to-tip-might-make-customers-less-likely-to-return.jpg?rc=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da135bc6c618f8ccfd78f1e6b9cce78f90717098458399fe205553a8d7d04389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=34560000
cf-bgj: h2pri
pragma: public
cf-cache-status: HIT
cf-ray: 8ec2c5e98866ec7f-ADL
expires: Tue, 06 Jan 2026 18:16:37 GMT
accept-ranges: bytes
content-length: 16023
date: Tue, 03 Dec 2024 10:11:31 GMT
content-type: image/jpeg
last-modified: Mon, 02 Dec 2024 14:57:27 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 237ms
235ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.upi.com/

Response headers

access-control-expose-headers: Content-Length,Content-Range
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 03 Dec 2024 10:11:31 GMT
content-type: application/octet-stream
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 307ms
234ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.upi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 03 Dec 2024 10:11:31 GMT
server: nginx/1.21.6
via: 1.1 google

GET
H2 200 FFFFFF
play.libsyn.com/embed/episode/id/34247785/height/192/theme/modern/size/large/thumbnail/yes/custom-color/136a9f/time-start/00:00:00/hide-playlist/yes/font-color/ Frame DD6C 0
0 1079ms
298ms Document
text/html 204.16.247.177
TERASWITCH

General

Check archive.org

Show headers Download Go to

Full URL: https://play.libsyn.com/embed/episode/id/34247785/height/192/theme/modern/size/large/thumbnail/yes/custom-color/136a9f/time-start/00:00:00/hide-playlist/yes/font-color/FFFFFF
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 204.16.247.177 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS: dns.nextdns.io
Software: Apache /
Resource Hash

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 503
content-type: text/html
date: Tue, 03 Dec 2024 10:11:32 GMT
expires: Thu, 1 Jan 1970 00:00:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding
x-libsyn-host: (null)

GET
H2 200 upi.min.js Show response
global.proper.io/ 40 KB
10 KB 1024ms
921ms Script
text/javascript 18.65.244.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/upi.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.244.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-244-113.syd3.r.cloudfront.net
Software: /
Resource Hash: 597cc13828c2c283d9df2407c0c9ba011f5d9cf554c1792f16173fea3d308530

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: public, max-age=300
content-encoding: br
x-amzn-requestid: 3028bd05-3f8a-409c-bc34-f1e5ff5c04f4
via: 1.1 900141041f08038f9452e4f1a092ecd2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: zX9GvbeKFHmsOoKmCq9PcKUlg3iEGeWZ0qHaS77OJk_6s0PfHIw9rw==
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: text/javascript
last-modified: Wed, 20 Nov 2024 21:23:31 GMT
vary: accept-encoding, Origin
x-amz-cf-pop: SYD3-P1
x-amz-server-side-encryption: AES256

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 170ms
44ms Script
application/x-javascript 2600:9000:2215:8a00:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2215:8a00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: W/"665fad8c-9895"
age: 55269
cross-origin-resource-policy: cross-origin
via: 1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront)
expires: Tue, 03 Dec 2024 18:50:22 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: VqXb_dSoTIi_mubQX3Fg45WIxPUjEW6bJfPLBjOtoJWUuPbS3qOuTA==
date: Mon, 02 Dec 2024 18:50:22 GMT
content-type: application/x-javascript
last-modified: Wed, 05 Jun 2024 00:13:00 GMT
server: nginx
x-amz-cf-pop: SYD62-P2
vary: Accept-Encoding

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 350ms
157ms Font
font/woff2 142.250.199.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f3.1e100.net

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.upi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 289154
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 01:52:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 01:52:17 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

GET
H3 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v29/ 20 KB
20 KB 473ms
281ms Font
font/woff2 142.250.199.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f3.1e100.net

Software

sffe /

Resource Hash

a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.upi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 303771
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 29 Nov 2025 21:48:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 21:48:40 GMT
last-modified: Thu, 14 Sep 2023 00:51:46 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20040
x-xss-protection: 0
server: sffe

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 416ms
224ms Font
font/woff2 142.250.199.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.upi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 366873
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 29 Nov 2025 04:16:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 04:16:58 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/ 37 KB
37 KB 358ms
165ms Font
font/woff2 142.250.199.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Montserrat:400,500,600,700|Lato:300,400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f3.1e100.net

Software

sffe /

Resource Hash

fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.upi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 482627
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 20:07:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 20:07:44 GMT
last-modified: Wed, 06 Nov 2024 17:30:37 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37828
x-xss-protection: 0
server: sffe

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 57ms
26ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.upi.com
Referer: https://www.upi.com/

Response headers

cdn-status: 200
cf-cache-status: HIT
etag: "af7ae505a9eed503f8b8e6982036873e"
age: 1286947
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Tue, 03 Dec 2024 10:11:31 GMT
content-type: font/woff2
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 09/26/2024 10:53:46
cdn-cache: HIT
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 1
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ccd29aef52d2cbed63d1fa0889126209
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8ec2c5e96bc0ec77-ADL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77160
cdn-edgestorageid: 1114
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 Clayne-Crawford-Summer-Shelton-embrace-small-You-I-crew-long-takes.jpg
cdnph.upi.com/ph/st/th/9371733166323/2024/i/17331669277019/v1.5/ 17 KB
17 KB 1281ms
1281ms Image
image/jpeg 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/9371733166323/2024/i/17331669277019/v1.5/Clayne-Crawford-Summer-Shelton-embrace-small-You-I-crew-long-takes.jpg?lg=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e5a5d699c653f0019b2c11a4342f09535d6a8f725dffe7608fb0e9b166f9364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=34560000
content-encoding: gzip
cf-cache-status: MISS
pragma: public
cf-ray: 8ec2c5e9d8c1ec7f-ADL
expires: Wed, 07 Jan 2026 10:11:32 GMT
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: image/jpeg
last-modified: Tue, 03 Dec 2024 10:11:32 GMT
vary: Accept-Encoding,User-Agent
server: cloudflare

GET
H2 200 8-shot-3-fatally-in-Chicagos-Gage-Park-neighborhood.jpg
cdnph.upi.com/ph/st/th/5391733192653/2024/i/17332184354373/v1.5/ 33 KB
33 KB 1135ms
1134ms Image
image/jpeg 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/5391733192653/2024/i/17332184354373/v1.5/8-shot-3-fatally-in-Chicagos-Gage-Park-neighborhood.jpg?lg=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e9ee69fca2b277085bf8b398111d1b4c75d15237024ee27ba9900fb2947880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=34560000
cf-cache-status: MISS
pragma: public
cf-ray: 8ec2c5edad3cec7f-ADL
expires: Wed, 07 Jan 2026 10:11:32 GMT
accept-ranges: bytes
content-length: 33624
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: image/jpeg
last-modified: Tue, 03 Dec 2024 09:35:40 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 Brain-rot-named-Oxford-Word-of-the-Year-for-2024.jpg
cdnph.upi.com/ph/st/th/1091733175699/2024/upi_com/d7df9a14ff44f3acc6ef2f9fb0979970/v1.5/ 11 KB
11 KB 977ms
977ms Image
image/jpeg 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/1091733175699/2024/upi_com/d7df9a14ff44f3acc6ef2f9fb0979970/v1.5/Brain-rot-named-Oxford-Word-of-the-Year-for-2024.jpg?lg=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc6782ed743970d404924d7962eaaa2a89b9b78384a609ae808374bd605bc5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=34560000
cf-cache-status: MISS
pragma: public
cf-ray: 8ec2c5ee1db9ec7f-ADL
expires: Wed, 07 Jan 2026 10:11:32 GMT
accept-ranges: bytes
content-length: 11411
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: image/jpeg
last-modified: Mon, 02 Dec 2024 22:47:05 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 Famous-birthdays-for-Dec-3-Ozzy-Osbourne-Anna-Chlumsky.jpg
cdnph.upi.com/ph/st/th/3871733205562/2024/upi/e92e62696e5aab9032709b69db3c27e5/v1.5/ 26 KB
26 KB 59ms
59ms Image
image/jpeg 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/3871733205562/2024/upi/e92e62696e5aab9032709b69db3c27e5/v1.5/Famous-birthdays-for-Dec-3-Ozzy-Osbourne-Anna-Chlumsky.jpg?lg=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e923c11bc59a9f8499f5371685aab1645b88fa5816e3c1b5c4211ea3d7f4bbfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=34560000
cf-bgj: h2pri
pragma: public
cf-cache-status: HIT
cf-ray: 8ec2c5efdfe6ec7f-ADL
expires: Wed, 07 Jan 2026 08:06:41 GMT
accept-ranges: bytes
content-length: 26885
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: image/jpeg
last-modified: Tue, 03 Dec 2024 08:00:26 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 Restaurant-breaks-kebab-world-record-at-Australian-festival.jpg
cdnph.upi.com/ph/st/th/5451733174541/2024/i/17331747209407/v1.5/ 43 KB
43 KB 45ms
45ms Image
image/jpeg 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/5451733174541/2024/i/17331747209407/v1.5/Restaurant-breaks-kebab-world-record-at-Australian-festival.jpg?lg=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59c695d1e4948c5a67253eee786cf699a6de685a156ac167239f1d6546f140e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=34560000
cf-bgj: h2pri
pragma: public
cf-cache-status: HIT
cf-ray: 8ec2c5f04869ec7f-ADL
expires: Wed, 07 Jan 2026 02:51:32 GMT
accept-ranges: bytes
content-length: 44075
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: image/jpeg
last-modified: Tue, 03 Dec 2024 02:49:38 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 Manufacturing-countertops-may-create-lung-hazards-for-workers.jpg
cdnph.upi.com/ph/st/th/7641733148559/2024/i/17331538463506/v1.5/ 18 KB
18 KB 44ms
43ms Image
image/jpeg 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/7641733148559/2024/i/17331538463506/v1.5/Manufacturing-countertops-may-create-lung-hazards-for-workers.jpg

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db668f24fafe0f612e843aa6f57526e0038ea68237666eceddb44ba964600fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=34560000
cf-bgj: h2pri
pragma: public
cf-cache-status: HIT
cf-ray: 8ec2c5f078a7ec7f-ADL
expires: Tue, 06 Jan 2026 22:49:38 GMT
accept-ranges: bytes
content-length: 18051
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: image/jpeg
last-modified: Mon, 02 Dec 2024 15:40:05 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 Scientists-discover-way-to-deliver-medicines-across-brains-protective-barrier.jpg
cdnph.upi.com/ph/st/th/2591732726180/2024/i/17327425729817/v1.5/ 28 KB
28 KB 33ms
32ms Image
image/jpeg 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/2591732726180/2024/i/17327425729817/v1.5/Scientists-discover-way-to-deliver-medicines-across-brains-protective-barrier.jpg

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f679f6be3a389388ac32d86727eac46e3d111f08906050ea598daf1fbc3574f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=34560000
cf-bgj: h2pri
pragma: public
age: 381763
cf-cache-status: HIT
cf-ray: 8ec2c5f098e8ec7f-ADL
expires: Thu, 01 Jan 2026 21:28:25 GMT
accept-ranges: bytes
content-length: 28502
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: image/jpeg
last-modified: Wed, 27 Nov 2024 21:25:19 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 On-This-Day-Judge-OKs-Detroits-largest-municipal-bankruptcy-in-US.jpg
cdnph.upi.com/ph/st/th/3461733205558/2024/upi/681f5d4a15369f28334b8473a5193102/v1.5/ 44 KB
45 KB 64ms
63ms Image
image/jpeg 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/3461733205558/2024/upi/681f5d4a15369f28334b8473a5193102/v1.5/On-This-Day-Judge-OKs-Detroits-largest-municipal-bankruptcy-in-US.jpg?lg=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cf341e5c60b0820ef49653146a00a4dedc5e4acfe3c9a7c1c7186435af15322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=34560000
cf-bgj: h2pri
pragma: public
cf-cache-status: HIT
cf-ray: 8ec2c5f0c93eec7f-ADL
expires: Wed, 07 Jan 2026 08:06:41 GMT
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: image/jpeg
last-modified: Tue, 03 Dec 2024 08:06:41 GMT
vary: Accept-Encoding,User-Agent
server: cloudflare

GET
H2 200 New-York-Jets-commit-to-Aaron-Rodgers-as-starting-quarterback.jpg
cdnph.upi.com/ph/st/th/6001733163953/2024/upi/ba8b79bfe4c702d834e21bd8d70b7671/v1.5/ 38 KB
38 KB 58ms
57ms Image
image/jpeg 2606:4700::6812:120a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnph.upi.com/ph/st/th/6001733163953/2024/upi/ba8b79bfe4c702d834e21bd8d70b7671/v1.5/New-York-Jets-commit-to-Aaron-Rodgers-as-starting-quarterback.jpg?lg=1

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:120a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1125155a70f5835329ada5354f890c4ee41accf5e2d9130925a78a86c6821591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: maxage=34560000
cf-bgj: h2pri
pragma: public
cf-cache-status: HIT
cf-ray: 8ec2c5f0d94dec7f-ADL
expires: Tue, 06 Jan 2026 18:59:13 GMT
accept-ranges: bytes
content-length: 38687
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: image/jpeg
last-modified: Mon, 02 Dec 2024 18:58:28 GMT
vary: User-Agent, Accept-Encoding
server: cloudflare

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 791ms
263ms Image
image/gif 44.199.159.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=upi.com&p=%2F&u=C1rNbkC81B2ILpYu8&d=upi.com&g=4027&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6209&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.upi.com%2F&b=1794&t=D2Vp1bcLEcFDw0BpdCBNmGWC2gLwR&V=147&i=Top%20News%2C%20Latest%20headlines%2C%20Latest%20News%2C%20World%20News%20%26amp%3B%20U.S%20News%20-%20UPI.com&tz=-480&sn=1&sv=V5kGxC_ENLrjC2eFC_HxJTB-BWAZ&sr=external&sd=1&im=06032c0f&_
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.199.159.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-199-159-192.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

expires: 0
cache-control: no-cache, no-store, must-revalidate
content-length: 43
date: Tue, 03 Dec 2024 10:11:32 GMT
pragma: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 275ms
126ms Fetch
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BWJ5YG01BR&gtm=45je4bk0v879172129za200&_p=1733220690953&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=856184941.1733220692&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733220692&sct=1&seg=0&dl=https%3A%2F%2Fwww.upi.com%2F&dt=Top%20News%2C%20Latest%20headlines%2C%20Latest%20News%2C%20World%20News%20%26amp%3B%20U.S%20News%20-%20UPI.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2575
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.upi.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 108 KB
33 KB 293ms
154ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

cafe /

Resource Hash

6959ef2426f889b8992095f68c51ab219264d753fa9e1a0bf38b2809efab3369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: br
etag: 332 / 20060 / m202411180101 / config-hash: 17540668544439933197
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 10:11:32 GMT
alt-svc: h3=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33436
x-xss-protection: 0
server: cafe

GET
H2 200 latest.js Show response
global.proper.io/payloads/ 622 KB
152 KB 45ms
44ms Script
text/javascript 18.65.244.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/latest.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.244.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-244-113.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3682ce850eb37d9c7692129c5bb2df91e13d1dbb91cd6e3a6f0cf04f0c62c942

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

x-amz-cf-pop: SYD3-P1
content-encoding: br
etag: W/"39dfab4eafaedc7517425f8be740bc5b"
age: 51138
via: 1.1 900141041f08038f9452e4f1a092ecd2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: j7awzcWtN6wE7e9kYqPjP_cSX1a2wOtpjalTNPkLLKiABeFFKPIo-Q==
date: Mon, 02 Dec 2024 19:59:15 GMT
content-type: text/javascript
vary: accept-encoding, Origin
server: AmazonS3
last-modified: Thu, 12 Sep 2024 16:09:34 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 px.gif
abcheck.proper.io/ 842 B
1 KB 128ms
40ms Image
image/gif 108.158.20.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abcheck.proper.io/px.gif?ch=1&rn=5.610968091135277
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.20.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-20-76.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

etag: "04b36c8411ae7bf7a8c369fa94b30e56"
age: 35117
via: 1.1 ece2a231e09716eb97b51099bf5928fe.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 842
x-amz-cf-id: _KYVQnj-iiKcY_O8WxyGWpYLFWZzhpYQMOFJ_mYCG3n3XrAQN4-q_g==
date: Tue, 03 Dec 2024 00:26:16 GMT
content-type: image/gif
last-modified: Thu, 06 Jan 2022 18:51:44 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P3
vary: accept-encoding

GET
H2 200 px.gif
abcheck.proper.io/ 842 B
1 KB 128ms
41ms Image
image/gif 108.158.20.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abcheck.proper.io/px.gif?ch=2&rn=5.610968091135277
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.20.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-20-76.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

etag: "04b36c8411ae7bf7a8c369fa94b30e56"
age: 35117
via: 1.1 ece2a231e09716eb97b51099bf5928fe.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 842
x-amz-cf-id: Rt6eHBBKGGf0ryJuxN0VOr2t5RwPPD3yAEmy0WaxRe6HTt6cEPPc9Q==
date: Tue, 03 Dec 2024 00:26:16 GMT
content-type: image/gif
last-modified: Thu, 06 Jan 2022 18:51:44 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P3
vary: accept-encoding

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 478ms
144ms Script
application/javascript 2620:116:800e:21:a878:7c6e:cf7b:3362
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800e:21:a878:7c6e:cf7b:3362 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: private, max-age=604800
content-encoding: gzip
etag: "mLYq618hJoRcW1Crupr2OQ=="
expires: Tue, 10 Dec 2024 10:11:32 GMT
accept-ranges: bytes
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 vwpt.js Show response
static.vidazoo.com/basev/ 150 KB
44 KB 92ms
36ms Script
application/javascript 2606:4700:4400::6812:21b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vidazoo.com/basev/vwpt.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 001aca05bbd1a4edb06602ba33cda251c6abbe28f94add4ba997042ca228dfb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-expose-headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
content-encoding: gzip
cf-cache-status: HIT
etag: "cc89d55f1ca159cc49fe0d4b391e53ea"
age: 59599
access-control-allow-methods: GET, OPTIONS, HEAD
expires: Wed, 04 Dec 2024 10:11:32 GMT
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: application/javascript
last-modified: Tue, 27 Aug 2024 06:53:48 GMT
vary: Accept-Encoding
x-amz-id-2: G84NNrOoR9vSUeAYkeltWTJcw8xmQzDMdkDHX9tfC/nUiUAfJFZYYSgN+Bvt4Ubw4d3+3CgZwB0=
access-control-allow-headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control: public, max-age=86400
x-amz-request-id: ZVVC3RDBSW27N14Q
cf-ray: 8ec2c5f1187cec7b-ADL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44012
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 345 KB
85 KB 139ms
43ms Script
application/javascript 108.158.28.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.28.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-28-226.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"812ceba01127f3bf5aede260eaddcd29"
age: 2603
via: 1.1 35202ecfee8e63e178de36be1b541f0e.cloudfront.net (CloudFront), 1.1 2bff6bbbee7da79c98259baccec11e2c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: t_d8ieECbmLfARbcIwdOuScKoWBD8PwdTOlIRBFK9mIQ3HPjVpZZnw==
date: Tue, 03 Dec 2024 09:28:10 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 22:51:03 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P2, SYD3-P2
x-amz-server-side-encryption: AES256

GET
H2 200 https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D8573852b-6d25-4d99-9272-6278287e6ed5%26uid%3D%24%7BBSW_UUID%7D Show response
x.bidswitch.net/check_uuid/ 43 B
183 B 630ms
176ms Script
image/gif 35.213.7.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D8573852b-6d25-4d99-9272-6278287e6ed5%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_77819779_14bdfc33_1
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.7.90 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 90.7.213.35.bc.googleusercontent.com
Software: /
Resource Hash: d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: image/gif

GET sync
pixel.advertising.com/ups/58316/ 0
0

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://ce.lijit.com/merge?pid=263069&3pid=8573852b-6d25-4d99-9272-6278287e6ed5&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn_instream%26proper_uid%3D8573852b-6d25-4d99-92...
https://ce.lijit.com/merge?pid=263069&3pid=8573852b-6d25-4d99-9272-6278287e6ed5&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn_instream%26proper_uid%3D8573852b-6d25-4d99-92...
https://usync.proper.io/v1/usersync?bidder=sovrn_instream&proper_uid=8573852b-6d25-4d99-9272-6278287e6ed5&uid=JxOjARZHSKg2KXRUSnmrWvcX

176 B
378 B

569ms
183ms

Script
text/javascript

44.235.123.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=sovrn_instream&proper_uid=8573852b-6d25-4d99-9272-6278287e6ed5&uid=JxOjARZHSKg2KXRUSnmrWvcX
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Server: 44.235.123.73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-123-73.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 909c13c8b232c721f3e80517fe52e6b18234ddafd7b9da3db8030ce33d736c42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-origin: *
content-length: 176
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: text/javascript
server: nginx/1.18.0

Redirect headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
location: https://usync.proper.io/v1/usersync?bidder=sovrn_instream&proper_uid=8573852b-6d25-4d99-9272-6278287e6ed5&uid=JxOjARZHSKg2KXRUSnmrWvcX
pragma: no-cache
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 03 Dec 2024 10:11:33 GMT
vary: Accept-Encoding

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://ce.lijit.com/merge?pid=263069&3pid=8573852b-6d25-4d99-9272-6278287e6ed5&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn_outstream%26proper_uid%3D8573852b-6d25-4d99-9...
https://ce.lijit.com/merge?pid=263069&3pid=8573852b-6d25-4d99-9272-6278287e6ed5&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn_outstream%26proper_uid%3D8573852b-6d25-4d99-9...
https://usync.proper.io/v1/usersync?bidder=sovrn_outstream&proper_uid=8573852b-6d25-4d99-9272-6278287e6ed5&uid=JxOjARZHSKg2KXRUSnmrWvcX

177 B
378 B

570ms
184ms

Script
text/javascript

44.235.123.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=sovrn_outstream&proper_uid=8573852b-6d25-4d99-9272-6278287e6ed5&uid=JxOjARZHSKg2KXRUSnmrWvcX
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Server: 44.235.123.73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-235-123-73.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 3a07dbcc3ec874e46abfbed6e3b48876d3e781440e56edb18924d153df54f491

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-origin: *
content-length: 177
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: text/javascript
server: nginx/1.18.0

Redirect headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
location: https://usync.proper.io/v1/usersync?bidder=sovrn_outstream&proper_uid=8573852b-6d25-4d99-9272-6278287e6ed5&uid=JxOjARZHSKg2KXRUSnmrWvcX
pragma: no-cache
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 03 Dec 2024 10:11:33 GMT
vary: Accept-Encoding

POST
H2 200 445.json Show response
id5-sync.com/g/v2/ 638 B
1 KB 999ms
332ms XHR
application/json 162.19.138.118
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/445.json

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

d8726b63dbd6bbf37b1ddb7d6f7dbcfa82ae82c0ea56e8d3d579a69b9c5172a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.upi.com
p3p: CP="CAO PSA OUR"
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json
vary: Origin

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58491/ 316 B
707 B 217ms
132ms XHR
application/json 2406:6e00:f048:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58491/fed?v=1&1p=1&url=https%3A%2F%2Fwww.upi.com%2F&puid=8573852b-6d25-4d99-9272-6278287e6ed5&pixelId=58491&gdpr=0&_t=Tue%20Dec%2003%202024%2018:11:32%20GMT+0800%20(Australian%20Western%20Standard%20Time)

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:6e00:f048:1fa::2000 Sydney, Australia, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

2d2bc4369d46bb6febd7aa823ffd9b347e7fe804f9d7ae6bff1afb8135bd7581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000
age: 0
access-control-allow-credentials: true
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: https://www.upi.com
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: application/json
vary: Origin
server: ATS

GET
H2

200

envelope Show response
lexicon.33across.com/v1/
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0013300001qHaOGAA0&src=pbjs&ver=8.7.0&_t=Tue%20Dec%2003%202024%2018:11:32%20GMT+0800%20(Australian%20Western%20Standard%20Time)
https://lexicon.33across.com/v1/envelope?pid=0013300001qHaOGAA0&src=pbjs&ver=8.7.0&_t=Tue%20Dec%2003%202024%2018:11:32%20GMT+0800%20(Australian%20Western%20Standard%20Time)&b=1&tp=nEk81wsErvd%2BW82...

42 B
138 B

184ms
182ms

XHR
application/json

35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0013300001qHaOGAA0&src=pbjs&ver=8.7.0&_t=Tue%20Dec%2003%202024%2018:11:32%20GMT+0800%20(Australian%20Western%20Standard%20Time)&b=1&tp=nEk81wsErvd%2BW82C6NhZvVNr2qZfmHQ9MR3VMxHDMQQ%3D
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.upi.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: application/json
vary: origin

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
location: https://lexicon.33across.com/v1/envelope?pid=0013300001qHaOGAA0&src=pbjs&ver=8.7.0&_t=Tue%20Dec%2003%202024%2018:11:32%20GMT+0800%20(Australian%20Western%20Standard%20Time)&b=1&tp=nEk81wsErvd%2BW82C6NhZvVNr2qZfmHQ9MR3VMxHDMQQ%3D
access-control-allow-credentials: true
referrer-policy: unsafe-url
via: 1.1 google
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: https://www.upi.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 03 Dec 2024 10:11:29 GMT
vary: origin

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 813ms
184ms XHR
application/octet-stream 44.231.120.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.120.165 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-120-165.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

Access-Control-Allow-Origin: *
Content-Length: 0
Date: Tue, 03 Dec 2024 10:11:33 GMT
Content-Type: application/octet-stream
Connection: keep-alive

GET
H/1.1 200
OK t.dhj Show response
pxdrop.lijit.com/1/d/ 2 KB
2 KB 135ms
42ms Script
text/javascript 72.247.223.184
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://pxdrop.lijit.com/1/d/t.dhj?cls=admgmt&dmn=upi.com&GDPR_v2=&us_privacy=&pubid=upi&gpp=&gpp_sid=

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

72.247.223.184 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a72-247-223-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

59add41e845abca045c214506602d803eccdf88f6056af96195de83de54fd58b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

X-Robots-Tag: noindex, nofollow
Cache-Control: private, max-age=3600
Content-Encoding: gzip
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Tue, 03 Dec 2024 11:11:32 GMT
Content-Length: 1399
Date: Tue, 03 Dec 2024 10:11:32 GMT
Content-Type: text/javascript

GET
H2 200 cmp.js Show response
static.vidazoo.com/basev/cmp/1.0.1/ 3 KB
2 KB 26ms
26ms Script
application/javascript 2606:4700:4400::6812:21b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vidazoo.com/basev/cmp/1.0.1/cmp.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2345e6cbff5c4272c633dafc3d96b17107fa2bb3643fa3efa5ce4718c52adead

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-expose-headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
content-encoding: gzip
cf-cache-status: HIT
etag: "537d031a09119574ca284f3fe36dd61b"
age: 59715
access-control-allow-methods: GET, OPTIONS, HEAD
expires: Wed, 04 Dec 2024 10:11:32 GMT
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: application/javascript
last-modified: Tue, 12 Mar 2024 16:34:24 GMT
vary: Accept-Encoding
x-amz-id-2: XsaY57X1DSVhGtaaEdzGIq0KfgzeTTe+wYypiiUY8Kxmda5fM/xVorTTRW6bGGjmdHkeEOzkejc=
access-control-allow-headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control: public, max-age=86400
x-amz-request-id: BK8BYJY2WSMNMPZ4
cf-ray: 8ec2c5f17920ec7b-ADL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1399
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ 492 KB
152 KB 42ms
41ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 56105
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 18:36:27 GMT
alt-svc: h3=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 02 Dec 2024 18:36:27 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H2 200 widget.js Show response
static.vidazoo.com/basev/wgt/atlas/1.0.0/ 8 KB
4 KB 75ms
32ms XHR
application/javascript 2606:4700:4400::6812:21b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vidazoo.com/basev/wgt/atlas/1.0.0/widget.js
Requested by: Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 806871840e6f25ca20d436193756a82379c3a890f45204b437c18d490179ca31

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-expose-headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
content-encoding: gzip
cf-cache-status: HIT
etag: "18a2e7c88969e623660290d4fd8280fe"
age: 2845
access-control-allow-methods: GET, OPTIONS, HEAD
expires: Wed, 04 Dec 2024 10:11:32 GMT
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 17:15:37 GMT
vary: Accept-Encoding
x-amz-id-2: G7Rvjo3sEXTWTCqRspgA2AiM+Y40C9FpdPsnCAu+ER1RxBoi8cdEv9uN2WTLoGxQIcNDRn/M/FA=
access-control-allow-headers: Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control: public, max-age=86400
x-amz-request-id: SK2V299Y74E4NEGP
cf-ray: 8ec2c5f1fffd55f4-ADL
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2929
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H2 200 cdb Show response
bidder.criteo.com/ 24 KB
13 KB 777ms
371ms XHR
application/json 2406:2600:7:100::24
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=8.7.0&cb=48566031123&im=1

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::24 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

851b5c94703e31d0d9dcf759766d3df8a83cf2dc23dce6dbcb06edc44a4f2454

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000; preload;
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.upi.com
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json
vary: Accept-Encoding, Origin
server: Kestrel

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
372 B 269ms
204ms XHR
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: fd729552215a6aef18570faca151d7079488e9bd97b077de1d8f4370171886a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

content-encoding: gzip
x-forwarded-for: 103.214.20.148
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.upi.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: text/plain;charset=UTF-8
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 700 B
1 KB 1204ms
448ms XHR
application/json 104.254.148.252
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

65fb3a769d5b2cfc1f3e73d9db6b4e2a591576599ff0326ed764881992d8a206

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 103.214.20.148; 103.214.20.148; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://www.upi.com
an-x-request-uuid: 24d0718d-1d5b-452e-8f0e-5ecb9b47fa6f
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 03 Dec 2024 10:11:33 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: nginx/1.23.4

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 321ms
257ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUW4K2MG
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 7ebde833fa22dc90773c83a56dbc3295b7e19c46cb2bcbc5db9d9e6cad60721e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time: 141
access-control-allow-credentials: true
via: 1.1 google
expires: Tue, 03 Dec 2024 10:11:32 GMT
access-control-allow-origin: https://www.upi.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json;charset=utf-8
server: envoy

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
492 B 328ms
228ms XHR
application/json 23.221.133.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.221.133.105 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-133-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma: no-cache
access-control-allow-credentials: true
expires: Tue, 03 Dec 2024 10:11:33 GMT
access-control-allow-origin: https://www.upi.com
content-length: 42
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json
vary: Accept-Encoding

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 133 KB
37 KB 1093ms
269ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=378202&zone_id=2087932&size_id=2%3B2%3B15%3B15%3B15%3B15&alt_size_ids=%3B%3B9%2C10%3B%3B%3B&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=0b077c9d-19a7-4e18-a139-c4c961b88925&x_imp.ext.tid=0b077c9d-19a7-4e18-a139-c4c961b88925&p_screen_res=1600x1200&tg_fl.eid=2087932-6%3B2087932-7%3B2087932-4%3B2087932-1%3B2087932-2%3B2087932-3&rf=https%3A%2F%2Fwww.upi.com%2F&ppuid=8573852b-6d25-4d99-9272-6278287e6ed5&eid_pubcid.org=8573852b-6d25-4d99-9272-6278287e6ed5%5E1&rp_schain=1.0%2C1!proper.io%2Cf87d3dee-ba65-11eb-8272-06ef03bc0096%2C1&slots=6&rand=0.7518174316828417
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.27.2 /
Resource Hash: 9d85dc4b95e5453decb7bccf96248b36a72318647d47a76a2b9e5e1c9fb67f26

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://www.upi.com
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.27.2

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
110 B 396ms
102ms XHR
text/plain 207.65.33.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: https://www.upi.com
date: Tue, 03 Dec 2024 10:11:33 GMT
access-control-allow-credentials: true

POST
H/1.1 204
No Content 638f9e20ba1056ce9c06add8 Show response
prebid.cootlogix.com/prebid/multi/ 0
1 KB 1451ms
848ms XHR
text/plain 174.138.117.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/638f9e20ba1056ce9c06add8
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.117.240 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

access-control-allow-origin: https://www.upi.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
date: Tue, 03 Dec 2024 10:11:34 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H/1.1 204
No Content 638f9e20ba1056ce9c06add8 Show response
prebid.cootlogix.com/prebid/multi/ 0
1 KB 1200ms
598ms XHR
text/plain 174.138.117.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/638f9e20ba1056ce9c06add8
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.117.240 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

access-control-allow-origin: https://www.upi.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
date: Tue, 03 Dec 2024 10:11:33 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H/1.1 204
No Content 638f9e20ba1056ce9c06add8 Show response
prebid.cootlogix.com/prebid/multi/ 0
1 KB 1316ms
714ms XHR
text/plain 174.138.117.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/638f9e20ba1056ce9c06add8
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.117.240 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

access-control-allow-origin: https://www.upi.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
date: Tue, 03 Dec 2024 10:11:33 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H/1.1 204
No Content 638f9e20ba1056ce9c06add8 Show response
prebid.cootlogix.com/prebid/multi/ 0
1 KB 1138ms
536ms XHR
text/plain 174.138.117.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/638f9e20ba1056ce9c06add8
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.117.240 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

access-control-allow-origin: https://www.upi.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
date: Tue, 03 Dec 2024 10:11:33 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H/1.1 204
No Content 638f9e20ba1056ce9c06add8 Show response
prebid.cootlogix.com/prebid/multi/ 0
1 KB 1375ms
773ms XHR
text/plain 174.138.117.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/638f9e20ba1056ce9c06add8
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.117.240 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

access-control-allow-origin: https://www.upi.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
date: Tue, 03 Dec 2024 10:11:34 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H/1.1 204
No Content 638f9e20ba1056ce9c06add8 Show response
prebid.cootlogix.com/prebid/multi/ 0
1 KB 2470ms
1866ms XHR
text/plain 174.138.117.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/638f9e20ba1056ce9c06add8
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 174.138.117.240 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

access-control-allow-origin: https://www.upi.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
date: Tue, 03 Dec 2024 10:11:35 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 3 KB
1 KB 468ms
179ms XHR
application/json 52.74.95.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?pi=3&lt=1733220692758&to=-480&t=rm3lr58d&maxw=728&maxh=90&si=284943&bf=728x90&fp=0.1&fpc=USD&pubcid=8573852b-6d25-4d99-9272-6278287e6ed5&gppConsent=%5Bobject%20Object%5D&schain=1.0%2C1!proper.io%2Cf87d3dee-ba65-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.upi.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.7.0%22%7D&_t=Tue%20Dec%2003%202024%2018:11:32%20GMT+0800%20(Australian%20Western%20Standard%20Time)
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.95.248 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-95-248.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 91f6f43f1e4ec370c8c8a5dde4a86e7697455d433c6c7aa72de0abee56aef50f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.upi.com
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 3 KB
1 KB 520ms
232ms XHR
application/json 52.74.95.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?pi=3&lt=1733220692758&to=-480&t=rm3lr58d&maxw=728&maxh=90&si=302247&bf=728x90&fp=0.1&fpc=USD&pubcid=8573852b-6d25-4d99-9272-6278287e6ed5&gppConsent=%5Bobject%20Object%5D&schain=1.0%2C1!proper.io%2Cf87d3dee-ba65-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.upi.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.7.0%22%7D&_t=Tue%20Dec%2003%202024%2018:11:32%20GMT+0800%20(Australian%20Western%20Standard%20Time)
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.95.248 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-95-248.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a2c49bc40bbfe94a72e924977b8d4ed43bdedc0b66e6b1da20654a96976dcb11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.upi.com
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 3 KB
1 KB 466ms
177ms XHR
application/json 52.74.95.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?pi=3&lt=1733220692759&to=-480&t=rm3lr58d&maxw=160&maxh=600&si=284934&bf=160x600&fp=0.1&fpc=USD&pubcid=8573852b-6d25-4d99-9272-6278287e6ed5&gppConsent=%5Bobject%20Object%5D&schain=1.0%2C1!proper.io%2Cf87d3dee-ba65-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.upi.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.7.0%22%7D&_t=Tue%20Dec%2003%202024%2018:11:32%20GMT+0800%20(Australian%20Western%20Standard%20Time)
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.95.248 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-95-248.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f50dc9908f42739da1c6f05d36d7a853da526c72cf63dc423732756ec2f7f3c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.upi.com
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 3 KB
1 KB 468ms
180ms XHR
application/json 52.74.95.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?pi=3&lt=1733220692759&to=-480&t=rm3lr58d&maxw=300&maxh=250&si=284937&bf=300x250&fp=0.1&fpc=USD&pubcid=8573852b-6d25-4d99-9272-6278287e6ed5&gppConsent=%5Bobject%20Object%5D&schain=1.0%2C1!proper.io%2Cf87d3dee-ba65-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.upi.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.7.0%22%7D&_t=Tue%20Dec%2003%202024%2018:11:32%20GMT+0800%20(Australian%20Western%20Standard%20Time)
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.95.248 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-95-248.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f1f00f1995aa49a6d31cdc6412adc4ec2281dfe41b9e6f3c6722cdbfbd8a12bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.upi.com
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 3 KB
1 KB 562ms
274ms XHR
application/json 52.74.95.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?pi=3&lt=1733220692759&to=-480&t=rm3lr58d&maxw=300&maxh=250&si=302243&bf=300x250&fp=0.1&fpc=USD&pubcid=8573852b-6d25-4d99-9272-6278287e6ed5&gppConsent=%5Bobject%20Object%5D&schain=1.0%2C1!proper.io%2Cf87d3dee-ba65-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.upi.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.7.0%22%7D&_t=Tue%20Dec%2003%202024%2018:11:32%20GMT+0800%20(Australian%20Western%20Standard%20Time)
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.95.248 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-95-248.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 812af34f04b9a6e6957304ad0bfe69b21fc794ec991d7c02d5948e1d224bb961

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.upi.com
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 3 KB
1 KB 562ms
274ms XHR
application/json 52.74.95.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?pi=3&lt=1733220692759&to=-480&t=rm3lr58d&maxw=300&maxh=250&si=302244&bf=300x250&fp=0.1&fpc=USD&pubcid=8573852b-6d25-4d99-9272-6278287e6ed5&gppConsent=%5Bobject%20Object%5D&schain=1.0%2C1!proper.io%2Cf87d3dee-ba65-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.upi.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.7.0%22%7D&_t=Tue%20Dec%2003%202024%2018:11:32%20GMT+0800%20(Australian%20Western%20Standard%20Time)
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.95.248 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-95-248.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9b45790d31b3e90e247842e3afbd112e600a66fe0de026437bf212d872817375

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.upi.com
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 3 KB
1 KB 469ms
181ms XHR
application/json 52.74.95.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?pi=3&lt=1733220692759&to=-480&t=rm3lr58d&maxw=300&maxh=250&si=302245&bf=300x250&fp=0.1&fpc=USD&pubcid=8573852b-6d25-4d99-9272-6278287e6ed5&gppConsent=%5Bobject%20Object%5D&schain=1.0%2C1!proper.io%2Cf87d3dee-ba65-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.upi.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.7.0%22%7D&_t=Tue%20Dec%2003%202024%2018:11:32%20GMT+0800%20(Australian%20Western%20Standard%20Time)
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.95.248 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-95-248.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 29c3f84a188cd28b56472e456ac6f34f728f8a79c1e6ed8437e9c3a44e2957e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.upi.com
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json;charset=UTF-8
server: nginx

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 32 KB
13 KB 562ms
274ms XHR
application/json 52.74.95.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?pi=3&lt=1733220692759&to=-480&t=rm3lr58d&maxw=300&maxh=600&si=284938&bf=300x600&fp=0.1&fpc=USD&pubcid=8573852b-6d25-4d99-9272-6278287e6ed5&gppConsent=%5Bobject%20Object%5D&schain=1.0%2C1!proper.io%2Cf87d3dee-ba65-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.upi.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.7.0%22%7D&_t=Tue%20Dec%2003%202024%2018:11:32%20GMT+0800%20(Australian%20Western%20Standard%20Time)
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.95.248 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-95-248.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0407e8c35ee32767361ef09ac112cecc2193a7576f84e49dc5f24e7ced0e6b58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: private, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.upi.com
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json;charset=UTF-8
server: nginx

POST
H3 200 cygnus Show response
htlb.casalemedia.com/ 58 B
569 B 155ms
126ms XHR
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=679380
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d0a54f4853d60dce70ae1b27d56d97e94770f546aeb9f3a25ca7a3fe860bec8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=76%2BWBd4D89a9vqEmZmW07OahYrdt1PbX82z%2FiWFoO0G498l3VpeLxKNr3kYpcEbmq58fSo5nErejTlc9VnMIGtkl8Y2%2BEzeMThrnT7XpGW%2FhauOeAmITrJBU5T4Z7RGm7FxwxQ2u"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: application/json
vary: Accept-Encoding
priority: u=1,i
cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8ec2c5f1f83eec82-ADL
access-control-allow-origin: https://www.upi.com
server: cloudflare

GET v1
btlr.sharethrough.com/WYu2BXv1/ 0
0

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 165 KB
42 KB 1024ms
617ms XHR
application/json 44.225.145.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.7.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.225.145.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-225-145-61.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 4706a1140015223c3bd0cc307ebace5ca7064fc6d834b0e1b2de2ede7112a1c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: https://www.upi.com
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 104 B
645 B 412ms
320ms XHR
application/json 18.67.93.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-113.syd62.r.cloudfront.net
Software: istio-envoy /
Resource Hash: c81de75cab5accbce049abaa5c238ecd04279d8c3b82f9541699728369cd37cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

content-encoding: gzip
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
via: 1.1 a63f63c0130cd2db055700cdbe2c6c88.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.upi.com
x-cache: Miss from cloudfront
content-length: 129
x-amz-cf-id: HQk-m-_07tihgVZ84mkgU1AxOZhDYVKGotxnJGsaCvXkE6FpqECaIQ==
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json
x-amz-cf-pop: SYD62-P1
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

POST
H2 200 auction Show response
tlx.3lift.com/header/ 21 KB
11 KB 694ms
409ms XHR
application/json 3.0.107.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.7.0&referrer=https%3A%2F%2Fwww.upi.com%2F&tmax=1000

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.0.107.214 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-0-107-214.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ab0e57d6890165f76749bc838162b986c33a87d5e02cfede7c4bf2e8b6fcb79a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: zstd
pragma: no-cache
accept-ch: sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent
access-control-allow-credentials: true
expires: Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin: https://www.upi.com
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 9794
x-xss-protection: 0
content-type: application/json; charset=utf-8

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 119ms
40ms XHR
application/javascript 108.158.28.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.28.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-28-226.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
age: 49885
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: 1aQ9wQ0zrXsseg05HwBURR-vR_QgdeS1_SwldWYyqa3f3eW4cS_pmg==
date: Mon, 02 Dec 2024 20:20:08 GMT
content-type: application/javascript
vary: Origin,accept-encoding
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 352b1001018ea123117ef28ad154f522.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SYD3-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 cb3b5777-430d-4622-b7fc-358cfa27d518 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
829 B 138ms
40ms Script
application/javascript 108.158.32.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-72.syd3.r.cloudfront.net
Software: CloudFront /
Resource Hash: 41dc8772453d3a69d43eebef99169f5351ec084541d97678616a5763bb9c4b6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: max-age=3600
age: 1343
via: 1.1 f5bc0d54a76b57b6f435f98d3e741ea4.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 563
x-amz-cf-id: CbfrQ_zAayeubFYcObxQ8XcDCQJHRmH3ssJis6Yge4QMGglrKlqOqg==
date: Tue, 03 Dec 2024 09:49:09 GMT
content-type: application/javascript
x-amz-cf-pop: SYD3-P2
server: CloudFront

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 5 KB
5 KB 40ms
40ms XHR
application/json 108.158.28.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.upi.com&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.28.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-28-226.syd3.r.cloudfront.net
Software: Server /
Resource Hash: 1b1528bf66881eff8ff756d297fdec1f2712c748ecf07b56f8f87fa0f0e0c830

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: max-age=21550, s-maxage=21600
age: 12950
access-control-allow-credentials: true
via: 1.1 2bff6bbbee7da79c98259baccec11e2c.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.upi.com
x-cache: Hit from cloudfront
content-length: 4725
x-amz-cf-id: M33ekb4LcUNnjMv4E2qxXfZQ4_YxSX4zXAJ8cA1UlauyhjgXuZYmdg==
date: Tue, 03 Dec 2024 06:35:42 GMT
content-type: application/json;charset=UTF-8
x-amz-cf-pop: SYD3-P2
server: Server

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 208 B
515 B 507ms
388ms XHR
text/javascript 108.158.35.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.upi.com%2F&pid=MyewlQXxFfRMi&cb=0&ws=1600x1200&v=24.1105.2150&t=1000&slots=%5B%7B%22sd%22%3A%22desktop-6%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-7%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&schain=1.0%2C1%21proper.io%2Cf87d3dee-ba65-11eb-8272-06ef03bc0096%2C1%2C%2C%2C&sm=9561dffd-dca6-4e72-a080-ce5786fff452&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.35.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-35-170.syd3.r.cloudfront.net
Software: Server /
Resource Hash: c87a17f7ccdff0af1de2773d90f2a7a05f7cbddb3a749f3a4c66df774df9fdf6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.upi.com
x-cache: Miss from cloudfront
content-length: 185
x-amz-cf-id: 5RSgl3xvYdRHinY5lo8h0CTTk8hC4aqpVt7r_6FJLM96_-DW3z3M5g==
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: SYD3-P2
server: Server

GET truncated
/ Frame 0
0

GET
H/1.1 200
OK t_.htm
pxdrop.lijit.com/a/ Frame 62D6 0
0 125ms
43ms Document
text/html 72.247.223.184
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://pxdrop.lijit.com/a/t_.htm?ver=1.1601.860&cid=c026&cls=admgmt
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.223.184 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a72-247-223-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1190
Content-Type: text/html
Date: Tue, 03 Dec 2024 10:11:32 GMT
Expires: Tue, 10 Dec 2024 10:11:32 GMT
X-Robots-Tag: noindex, nofollow

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 237ms
40ms Script
application/javascript 23.38.131.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.131.47 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-131-47.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
etag: "d734-5f2f3919e751f-gzip"
expires: Tue, 03 Dec 2024 10:26:33 GMT
accept-ranges: bytes
content-length: 17407
date: Tue, 03 Dec 2024 10:11:33 GMT
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 43 KB
13 KB 239ms
42ms Script
text/javascript 108.158.32.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-17.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"ad78eaf46246cac6849005eb8b50ae6f"
age: 60318
via: 1.1 853f4fb2226327c7e93e1af35b3e6c8c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: RZQxKQ-5F7VhkZswC0f5YWPY26oYdwKT5gLBShUSjqK6eJA5W-DyBg==
date: Mon, 02 Dec 2024 17:26:16 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:23 GMT
server: AmazonS3
x-amz-cf-pop: SYD3-P2
x-amz-server-side-encryption: AES256

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ 16 KB
6 KB 79ms
26ms Script
application/javascript 104.18.28.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.28.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ee7d90acfcf61e37a67097a1f97ddb90fd685f3e9dcb6ed34931f2b94713d8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"671a7171-403e"
age: 411582
cf-ray: 8ec2c5f2bb80ec7f-ADL
expires: Fri, 06 Dec 2024 10:11:32 GMT
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 16:10:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
12 KB 190ms
29ms Script
text/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.upi.com%2F&ref=&_it=amazon&partner_id=615
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: max-age=432000
content-encoding: br
cf-cache-status: HIT
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
age: 2087
x-amz-request-id: W4DWD718P93BKES0
cf-ray: 8ec2c5f3e809ed77-ADL
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: text/javascript
last-modified: Wed, 27 Nov 2024 17:12:10 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: /e8v1V7tF9tVZVRyX0srnJid59nDrRJ5iyvhJDb2Csha2pg7d+tu+7uk2xEVjKa6IPuLaOGd5iY=

GET 30d863b2-37
aps.zqtk.net/ 0
0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 100 KB
29 KB 130ms
28ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab2ce7a605858febda81cd3408ddb9897e109b417d514d9c12cf0e1a89658ae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

x-amz-id-2: c/cM8wCR0Cq0W1o65Z/gn6QUmz32QUuhjDtARJmQF9q8z0IrjmYScQHn/dxMJJQMyhDwZnqZjRQ=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"14cd899b51c2c37c71fbf5e1ae6fe38b"
age: 2664
x-amz-request-id: 77RS70RPYETB2K3E
cf-ray: 8ec2c5f39a75ec82-ADL
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 13 Nov 2024 11:06:09 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 bootstrap.js Show response
cdn.browsiprod.com/bootstrap/ 47 KB
13 KB 312ms
101ms Script
application/javascript 13.35.210.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.210.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-210-115.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3fb37649db4d634ddf23efe4f3054dff925887babd612a22f12dc6d28336d8cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

vary: accept-encoding, Origin
cache-control: public,max-age=3600
content-encoding: br
x-amz-version-id: PRC4mUyPmS5c_qPgCVoQDss4AK8nNOJL
etag: W/"9a337d104a0a5bb31db2afe061f720cd"
age: 2834
via: 1.1 b316e4790eeb9ff51fdb32601386e20c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: XNCLdB__YEVXwBn7fHYjsW-86TNJEm5uYYE9q6FDKxZ6tR7mGmnnhQ==
date: Tue, 03 Dec 2024 09:24:20 GMT
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 08:56:12 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P7
x-amz-server-side-encryption: AES256

GET
H2 204 6410c665185f3da35bfaeb4d Show response
wserver.vidazoo.com/api/ 0
283 B 913ms
301ms XHR
text/plain 159.223.128.170
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://wserver.vidazoo.com/api/6410c665185f3da35bfaeb4d?trace=jqL19Sqe4MxhTZKu13tw5NnyKFMQRygKITB4cVcEBkVDB3oPS2ITVFZ8HlhsantDV1FCEQxsQls%2FHgRQCwoNJS8uG0VfDSNcIwtbaUdVBH1IRHYqKgdQXxgSWWxUHzIdFlFhWh06MzoAVBFOEVQiHRx%2FUwRYIRcfEigqGFQRThFUIh0cf1MTUDcPJDs5KhlyUhcfUGxUDSEEABhvHwwkKA4bV1wGFFAjCxcnU19SLBQbMXZpBlpaBCFFOkxDJwMQUWFaGDUoOBATCQAFQCtCWzAVCxZ3WhsgOz8cUh0CHlEvFBY8XwZbIFpEdi85GRMJVh9BOh4KdkIkEX8%2BTWYcPAJGHQEHXGANFj5UV3JvVEonOTkQVF0nHk8rTENxQFMEfQBZZmp7Vx0RHRlbKxwqOgsAFndaWCxqaVkTXAEDUDw9ECkURw5vSV5kajNMAQNWWxciDwA8BBEWd1oBOjwiG1hHDVUZbB0aIR4JWAUdATMyP1cLBUVGBmJMFDIJMVs4GwAENSIbRUBWTQViTBw9EgpQKDsFJ3hxAUNGEVsXOBkJJycARj4RBzp4cVcDHURZBH1MVXEFDFkoAgc6P2lPE3IBBEE8DxU6EEpkKAocPHhnV0VaGRJPIQAcHBcDRygMSm53f00BTg%3D%3D&ptrace=1733220692756
Requested by: Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.223.128.170 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-origin: https://www.upi.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length: 0
date: Tue, 03 Dec 2024 10:11:33 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

GET
H2 200 103512698 Show response
fundingchoicesmessages.google.com/i/ 196 KB
65 KB 407ms
219ms Script
application/javascript 2404:6800:4006:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/103512698?ers=3

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:810::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b0d756140ac108cb3d034c2ae7700a199afe7e8c533dc61e1e87cbf42994a91d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x8XogT0wPOaJiU93YZ_Oow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmII0pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIfj6qbdu9gEPhxYdJhRSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTQ0NBSz8AwvsAAAPr5Pe0"
content-security-policy: script-src 'report-sample' 'nonce-x8XogT0wPOaJiU93YZ_Oow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 envelope Show response
lexicon.33across.com/v1/ 42 B
58 B 183ms
183ms XHR
application/json 35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a00003JZlLBAA1&src=aps&ver=1.14.0
Requested by: Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://www.upi.com/

Response headers

cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.upi.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
date: Tue, 03 Dec 2024 10:11:32 GMT
content-type: application/json
vary: origin

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 4 KB
2 KB 154ms
40ms Script
application/javascript 2600:9000:277c:7a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:277c:7a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2541943eb1b759367d198f4b470134d85aadc1bf18a48da5e49de3c61b9a59ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: gzip
etag: W/"bc35b7c476efec25f5c48ba8fb7b9906"
age: 3236
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: tpjlzwybW1E111REcHjDGgve_vyCa-jwg2yquxEfdsjIXJgmCKqEBg==
date: Tue, 03 Dec 2024 09:17:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 14 Oct 2022 00:52:56 GMT
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
via: 1.1 8902bdfd4bf51d2d735e85d0656d36ae.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SYD3-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
689 B 322ms
124ms XHR
application/json 13.228.141.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.228.141.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-228-141-68.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: abfecb6e1e752d6961b1c9b9da79fdf1edf2ac994bf21cfea10bb043424afa57

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.upi.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 235
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json;charset=utf-8
x-server: 10.42.20.26
server: Jetty(9.4.38.v20210224)

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 117 B
275 B 205ms
204ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=615&sync=0&domain=www.upi.com&url=https://www.upi.com/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.upi.com%2F&ref=&_it=amazon&partner_id=615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35d5cf9ae2320f1806e16e983b73b0a27aafb569507809c01aab46c698800822

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.upi.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
debug: NON-OPTIONS
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
cf-ray: 8ec2c5f5cd373e5d-ADL
access-control-allow-origin: *
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json
server: cloudflare
access-control-allow-headers: authorization,content-type

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 262ms
204ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=615&sync=0&domain=www.upi.com&url=https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.upi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cf-cache-status: DYNAMIC
cf-ray: 8ec2c5f48cdf3e5d-ADL
content-length: 0
content-type: application/json
date: Tue, 03 Dec 2024 10:11:33 GMT
debug: OPTIONS block
server: cloudflare

GET
H2 200 pixel;r=1172004100;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.upi.com%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=0;et=1733220693249;tzo=-480;ogl=site_name.UPI%2Ctitle.Top%20News%252C%...
pixel.quantserve.com/ 35 B
455 B 144ms
136ms Image
image/gif 2620:116:800e:21:a878:7c6e:cf7b:3362
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1172004100;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.upi.com%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=0;et=1733220693249;tzo=-480;ogl=site_name.UPI%2Ctitle.Top%20News%252C%20Latest%20headlines%252C%20Latest%20News%252C%20World%20News%20%26amp%3B%20U%252ES%20News%20-%20UPI%252Ecom%2Cimage.%2F%2Fwww%252Eupi%252Ecom%2Fimg%2Fupi-fb%252Epng;ses=0518a599-21aa-449b-8c25-b92ba1fdfbe3;d=upi.com;uht=2;fpan=1;fpa=P0-183998951-1733220693255;pbc=;gdpr=0;mdl=

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:a878:7c6e:cf7b:3362 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date: Tue, 03 Dec 2024 10:11:33 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
content-type: image/gif

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 6276
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_n-baidu_n-nativo_3lift
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_n-baidu_n-nativo_3lift&dcc=t

0
0

288ms
287ms

Document
text/html

98.82.156.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_n-baidu_n-nativo_3lift&dcc=t

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-82-156-207.compute-1.amazonaws.com

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 378
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 03 Dec 2024 10:11:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: EDJ1ANVTTNW3NKVKNKP8

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 03 Dec 2024 10:11:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-MediaNet_ox-db5_smrt_n-smaato_n-sharethrough_n-onetag_pm-db5_ym_rbd_n-vmg_n-baidu_n-nativo_3lift&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 38A09FS1WKX8QAKN901Y

POST
H2 204 supply Show response
events.browsiprod.com/events/v2/ 0
99 B 556ms
183ms XHR
text/plain 54.68.191.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/v2/supply?p=sXU!agV@hHuLTT@XyCIj
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.68.191.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-191-138.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

date: Tue, 03 Dec 2024 10:11:33 GMT
access-control-allow-origin: https://www.upi.com
access-control-allow-credentials: true

GET
H2 200 v5 Show response
yield-manager.browsiprod.com/supply/ 1 KB
1 KB 281ms
184ms XHR
application/json 13.35.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yield-manager.browsiprod.com/supply/v5?sk=d_mapping&pk=sovrn&url=https%3A%2F%2Fwww.upi.com%2F&bid=sXU!agV%40hHuLTT%40XyCIj&at=Top%20News%2C%20Latest%20headlines%2C%20Latest%20News%2C%20World%20News%20%26amp%3B%20U.S%20News%20-%20UPI.com&sw=1600&sh=1200&pvid=da93e812-82db-49af-9d28-79c9b06b31e9
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-147-98.syd1.r.cloudfront.net
Software: akka-http/10.2.1 /
Resource Hash: eaf90fe5f37e3b05571d67b0426127fae192da77a2e2ad30b73b9a20c0b74468

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 eda9fe2763cea4a982a09ceb352512a6.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.upi.com
x-cache: Miss from cloudfront
x-amz-cf-id: _X8d2caJtSrUvqZwLb2a4v2kYXNqK68W9g__Y7qXTE3WmdefG94QEQ==
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json
x-amz-cf-pop: SYD1-C1
server: akka-http/10.2.1

POST
H2 200 s2s Show response
eb.proper.io/ 90 B
591 B 837ms
378ms XHR
application/json 18.155.192.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb.proper.io/s2s
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.192.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-192-5.sfo53.r.cloudfront.net
Software: /
Resource Hash: 1f4a2f037f5138204350f102801704502ac32c2ca1849131f0f133c387434bf6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
x-amzn-trace-id: Root=1-674ed956-02faee624ad4c4ad72544887;Parent=475df7e120537918;Sampled=0;Lineage=1:f0e4c68e:0
access-control-allow-credentials: true
x-amzn-requestid: dd029522-5126-4f25-aca6-31b12b268ef6
via: 1.1 c1ff362c1118e059b545627964cd2e64.cloudfront.net (CloudFront)
expires: -1
access-control-allow-origin: https://www.upi.com
server-timing: dur:114
content-length: 90
x-amz-cf-id: cQ2_25ICffRbu66wezuh9-VN-VglpLdkc5MlwpD1v55QHDxTcbRX-w==
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: application/json
x-cache: Miss from cloudfront
x-amz-cf-pop: SFO53-P1

GET
H2 200 bounce Show response
id5-sync.com/ 30 B
229 B 333ms
333ms Fetch
text/plain 162.19.138.118
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.upi.com
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: text/plain;charset=utf-8
vary: Origin
access-control-allow-credentials: true

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 56 B
294 B 1003ms
332ms Fetch
application/json 141.95.98.65
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

55944e6bd53a69181c4a7fec7e3e85ec889ae1f16b7436fbed7df8adb7a29cc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://www.upi.com
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 615 Show response
a.ad.gt/api/v1/u/matches/ 9 KB
5 KB 86ms
29ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/615?_it=amazon
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2b0296a50cfc3b95732127bebb92feb0b777f841fc4ad2739226d0994c349fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 29
cross-origin-resource-policy: cross-origin
cf-ray: 8ec2c5f77e9ded70-ADL
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/javascript
last-modified: Tue, 03 Dec 2024 10:08:07 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 AGSKWxWCv8BY7imO74GJwL1dMiFMxsYFy-41cF-aZfrcGBvTzdXI-33A5uNW1YulsYD4e_BYndfHXRVDhR1Ju3YnaoSgbkvP0p9byoT5JyQWVcimix3JOF2A0G52oW8X_F2JjbA-I2FeBg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 164ms
163ms Script
application/javascript 2404:6800:4006:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWCv8BY7imO74GJwL1dMiFMxsYFy-41cF-aZfrcGBvTzdXI-33A5uNW1YulsYD4e_BYndfHXRVDhR1Ju3YnaoSgbkvP0p9byoT5JyQWVcimix3JOF2A0G52oW8X_F2JjbA-I2FeBg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzMjIwNjkzLDY0MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cudXBpLmNvbS8iLG51bGwsW1s4LCI5ejVrZGR0S2ZVbyJdLFs5LCJlbi1HQiJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:810::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1bc346884ec18e47cd10c326d3b101c6c4fded9f9f1877a06fccff2f91ec4915

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-6znPJTWiS__cthyXtqx4Jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmII1JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIfj6qbdu9gEVuz5fZdJSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTQ0NBSz8AwvsAAAADMPhQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-6znPJTWiS__cthyXtqx4Jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 870F 0
0 174ms
41ms Document
text/html 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 619
alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28994
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 10:01:14 GMT
expires: Tue, 03 Dec 2024 10:51:14 GMT
last-modified: Mon, 18 Nov 2024 20:43:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 middy-desktop-4.34.599.js Show response
cdn.browsiprod.com/sd/apps/middy/ 335 KB
89 KB 295ms
106ms Script
application/javascript 13.35.210.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.34.599.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.210.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-210-115.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a81524b518670cc7546adf6f9a055b3ab7d299cb808b27f77c19e7563287d329

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.upi.com
Referer: https://www.upi.com/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: N.M2.IBIVuTqUzB6cVPCx2E7zwKg9RCd
etag: W/"1bd295b6d6f762fc3e1bfff0b022ca28"
age: 527275
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: -8JsiAmPy0OTxRoabnhmUnra3cgcp_csmTuNhNLFYzaUO1rioTtrZg==
date: Wed, 27 Nov 2024 07:43:39 GMT
content-type: application/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Wed, 27 Nov 2024 07:38:30 GMT
cache-control: public,max-age=31536000
via: 1.1 c93bfd4f62a8ed5468af1245c68ba454.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 615 Show response
p.ad.gt/api/v1/p/ 40 KB
14 KB 85ms
34ms Script
application/javascript 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/615
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 140f29ec46d27c427c73dffbf72c8af7d0f5f007168bac68cc787f1f5dfcda99

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 26
cf-ray: 8ec2c5f80afced7b-ADL
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/javascript
vary: accept-encoding
server: cloudflare
last-modified: Tue, 03 Dec 2024 10:08:54 GMT

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
170 B 281ms
225ms Image
image/gif 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&halo_id=060ixe9ju6a658el7cidgafhl76fc6bb9bduom6wi0e0y4m02iukqeos020oi0gg6
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cf-ray: 8ec2c5f80e71ec77-ADL
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: image/gif
server: cloudflare

GET
H2 200 ip_match
ids4.ad.gt/api/v1/ 0
192 B 562ms
186ms Image
text/html 54.148.15.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids4.ad.gt/api/v1/ip_match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.15.86 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-15-86.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-length: 0
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: text/html; charset=utf-8
server: nginx/1.27.1

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&adnxs_id=$UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001733220694-R3AJ1CJX-D9QJ%26adnxs_id%3D%24UID%26gdpr%3D0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&adnxs_id=5026676596621795076&gdpr=0

43 B
95 B

234ms
234ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&adnxs_id=5026676596621795076&gdpr=0
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cf-ray: 8ec2c5fab966ec77-ADL
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-store, no-cache, private
location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&adnxs_id=5026676596621795076&gdpr=0
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 103.214.20.148; 103.214.20.148; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 09267d21-98a7-4817-b105-a790b9a70317
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 03 Dec 2024 10:11:34 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=f7c9fd7d-6960-4110-a217-428d06484f04&id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ

43 B
95 B

233ms
232ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=f7c9fd7d-6960-4110-a217-428d06484f04&id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cf-ray: 8ec2c5f8cf25ec77-ADL
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: image/gif
server: cloudflare

Redirect headers

location: https://ids.ad.gt/api/v1/t_match?tdid=f7c9fd7d-6960-4110-a217-428d06484f04&id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ
content-length: 259
date: Tue, 03 Dec 2024 10:11:33 GMT
server: Kestrel

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001733220694-R3AJ1CJX-D9QJ
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001733220694-R3AJ1CJX-D9QJ
https://ids.ad.gt/api/v1/pbm_match?pbm=8A515A70-B61B-4A3A-BD82-ACAA10A336C6&id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ

43 B
95 B

226ms
225ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=8A515A70-B61B-4A3A-BD82-ACAA10A336C6&id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cf-ray: 8ec2c5fa48b8ec77-ADL
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-store, no-cache, private
location: https://ids.ad.gt/api/v1/pbm_match?pbm=8A515A70-B61B-4A3A-BD82-ACAA10A336C6&id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 03 Dec 2024 10:11:34 GMT
server: nginx

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
1 KB 483ms
97ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&gdpr=0
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: e2b6b837307e4a2cb84d126fbaf2cea2
Pragma: no-cache

GET
H2

200

tapad_match
ids.ad.gt/api/v1/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001733220694...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001733...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a5b855d8-ca41-4ac1-9a54-0d7bba2b6889%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=f7c9fd7d-6960-4110-a217-428d06484f04&ttd_puid=a5b855d8-ca41-4ac1-9a54-0d7bba2b6889%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&tapad_id=a5b855d8-ca41-4ac1-9a54-0d7bba2b6889

43 B
95 B

240ms
240ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&tapad_id=a5b855d8-ca41-4ac1-9a54-0d7bba2b6889
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cf-ray: 8ec2c5fbaa54ec77-ADL
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: image/gif
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&tapad_id=a5b855d8-ca41-4ac1-9a54-0d7bba2b6889
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Tue, 03 Dec 2024 10:11:34 GMT
server: Jetty(11.0.13)

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
232 B 549ms
194ms Image
image/png 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Tue, 03 Dec 2024 10:11:34 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczMzIyMDY5NC1SM0FKMUNKWC1EOVFK

170 B
409 B

320ms
194ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczMzIyMDY5NC1SM0FKMUNKWC1EOVFK

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Tue, 03 Dec 2024 10:11:34 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

cf-ray: 8ec2c5f84ea0ec77-ADL
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTczMzIyMDY5NC1SM0FKMUNKWC1EOVFK
cf-cache-status: DYNAMIC
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: text/html; charset=utf-8
server: cloudflare

GET
H2

200

adb_match
ids.ad.gt/api/v1/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001733220694-R3AJ1C...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-01...
https://ids.ad.gt/api/v1/adb_match?adb=87131684920857892474432386366920120951&id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ

43 B
95 B

226ms
225ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/adb_match?adb=87131684920857892474432386366920120951&id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cf-ray: 8ec2c5fad982ec77-ADL
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: image/gif
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://ids.ad.gt/api/v1/adb_match?adb=87131684920857892474432386366920120951&id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ
dcs: dcs-prod-apse2-2-v068-04cafd2ce.edge-apse2.demdex.com 2 ms
pragma: no-cache
x-tid: KhMyAosQQf0=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Tue, 03 Dec 2024 10:11:34 GMT

GET
H2

200

amo_match
ids.ad.gt/api/v1/
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001733220694-R3AJ1CJX-D9QJ
https://ids.ad.gt/api/v1/amo_match?turn_id=4210054937772327184&id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ

43 B
95 B

228ms
227ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/amo_match?turn_id=4210054937772327184&id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cf-ray: 8ec2c5fc9b63ec77-ADL
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
location: https://ids.ad.gt/api/v1/amo_match?turn_id=4210054937772327184&id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
content-length: 0
pragma: no-cache
date: Tue, 03 Dec 2024 10:11:34 GMT

GET
H2

200

son_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&uid=[UID]&gdpr=0
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&uid=9b41cd6c-8834-469c-b90c-09a6973870d3&gdpr=0

43 B
118 B

224ms
224ms

Image
image/gif

2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&uid=9b41cd6c-8834-469c-b90c-09a6973870d3&gdpr=0
Requested by: Host: www.upi.com
URL: https://www.upi.com/
Protocol: H2
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cf-ray: 8ec2c5fe8edfec77-ADL
cache-control: no-cache
content-length: 43
cf-cache-status: DYNAMIC
date: Tue, 03 Dec 2024 10:11:35 GMT
content-type: image/gif
server: cloudflare

Redirect headers

cache-control: no-cache, no-store, private
location: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&uid=9b41cd6c-8834-469c-b90c-09a6973870d3&gdpr=0
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 03 Dec 2024 10:11:34 GMT
tcn: Choice
content-type: text/plain; charset=utf8
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-lax-1-5-99
x-xss-protection: 0

POST
H2 200 extend Show response
bis3.vidazoo.com/event/ 0
171 B 741ms
244ms XHR
text/plain 2604:a880:400:d0::252f:1001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bis3.vidazoo.com/event/extend
Requested by: Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2604:a880:400:d0::252f:1001 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.upi.com/

Response headers

access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 03 Dec 2024 10:11:34 GMT
access-control-allow-headers: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
95 KB 184ms
183ms Script
application/javascript 2404:6800:4004:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba2591621ebf69fd2d68cdb16d0eb4bb40487c0a79179509645878f455df69ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 03 Dec 2024 10:11:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97148
x-xss-protection: 0
server: Google Tag Manager

OPTIONS
H2 200 dec
p.ad.gt/api/v1/ Frame 0
0 267ms
225ms Preflight
text/html 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/dec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.upi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.upi.com
allow: OPTIONS, POST
cf-cache-status: DYNAMIC
cf-ray: 8ec2c5f89fd3ec7e-ADL
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 03 Dec 2024 10:11:34 GMT
server: cloudflare
vary: Origin

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
113 B 225ms
224ms XHR
text/plain 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://www.upi.com/

Response headers

cf-ray: 8ec2c5f84fcbed70-ADL
access-control-allow-origin: https://www.upi.com
cf-cache-status: DYNAMIC
date: Tue, 03 Dec 2024 10:11:34 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
88 B 281ms
224ms Script
text/plain 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=d7af248dafbc86946896d6a590eeea6b&url=https%3A%2F%2Fwww.upi.com%2F&code=%27none%27
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cf-ray: 8ec2c5fa9a43ec7e-ADL
cf-cache-status: DYNAMIC
date: Tue, 03 Dec 2024 10:11:34 GMT
server: cloudflare

POST
H2 204 dec Show response
p.ad.gt/api/v1/ 0
34 B 229ms
228ms XHR
text/plain 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/dec
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.upi.com/

Response headers

cf-ray: 8ec2c5f9f990ec7e-ADL
access-control-allow-origin: https://www.upi.com
cf-cache-status: DYNAMIC
date: Tue, 03 Dec 2024 10:11:34 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

POST
H2 200 match Show response
seg.ad.gt/api/v2/ 4 KB
606 B 230ms
228ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92eba855f5a6a00e6ff999e1831248328069c3be4fd6e14aa45bc74404ae924

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.upi.com/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 8ec2c5fa6c7fed73-ADL
access-control-allow-origin: *
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers, accept-encoding
server: cloudflare

OPTIONS
H2 200 match
seg.ad.gt/api/v2/ Frame 0
0 335ms
222ms Preflight 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.upi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 8ec2c5f90b07ed73-ADL
date: Tue, 03 Dec 2024 10:11:34 GMT
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers

GET
H2 200 AGSKWxUWLL4TADrwuaKpFRBTOhvK-v4O493OLgOfDKEt78iXnQe6uNIbFqtO432ZHc6lO4b_VjHHNLnkAFl4QGtLmnWqSVrCTiorGix3Kj98THCj3lua5iimyFpro9As5NuBPqQghOInWA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 187ms
186ms Script
application/javascript 2404:6800:4006:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUWLL4TADrwuaKpFRBTOhvK-v4O493OLgOfDKEt78iXnQe6uNIbFqtO432ZHc6lO4b_VjHHNLnkAFl4QGtLmnWqSVrCTiorGix3Kj98THCj3lua5iimyFpro9As5NuBPqQghOInWA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzMjIwNjkzLDgxMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuLUdCIl0sImh0dHBzOi8vd3d3LnVwaS5jb20vIixudWxsLFtbOCwiOXo1a2RkdEtmVW8iXSxbOSwiZW4tR0IiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:810::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1962ffc7cb5cc545438e8676499ec68d01ad88e627f9397be49590661a4e247b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8jrf6PUSL0-LX_sQX4kQrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:33 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw0JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIfj6qbdu9gENjw_uoVZSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTQ0NBSz8AwvsAAAPRcPeA"
content-security-policy: script-src 'report-sample' 'nonce-8jrf6PUSL0-LX_sQX4kQrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df0074da75a9aaacce754861c52c7f77b3680d267ba71dbcdec61958d2c4dfab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 346 KB
95 KB 1053ms
1053ms Fetch
text/plain 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3807302981823403&correlator=411306765639308&eid=31088952%2C83320949&output=ldjh&gdfp_req=1&vrg=202411180101&ptt=17&impl=fifs&gdpr=0&tfcd=0&iu_parts=5376056%3A1009753%2Cupi_leaderboard%2Cupi_right_1%2Cupi_right_2%2Cupi_sticky&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1x1%7C728x90%2C1x1%7C300x250%2C1x1%7C300x250%2C1x1%7C728x90%7C970x90&ifi=1&didk=3214121881~2148943326~2148943313~3723584664&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1733220693926&lmt=1733220630&adxs=309%2C1066%2C1066%2C-12245933&adys=166%2C818%2C1634%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.upi.com%2F&vis=1&psz=982x-1%7C357x250%7C357x250%7C728x-1&msz=982x-1%7C300x-1%7C300x-1%7C0x-1&fws=0%2C0%2C0%2C640&ohw=0%2C0%2C0%2C0&td=1&egid=46972&tan=9fed5297-b923-46b3-bdb8-633dcaddc5d9%2C9fed5297-b923-46b3-bdb8-633dcaddc5da%2C9fed5297-b923-46b3-bdb8-633dcaddc5db%2C9fed5297-b923-46b3-bdb8-633dcaddc5dc&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733220690900&idt=1967&ppid=8573852b-6d25-4d99-9272-6278287e6ed5&prev_scp=proper_slot%3D1%26proper_floor%3D0.10%26proper_bidder%3Dupi_criteo%26proper_bid%3D0.15%26refresh_count%3D0%7Cproper_slot%3D3%26proper_floor%3D0.10%26refresh_count%3D0%7Cproper_slot%3D5%26proper_floor%3D0.10%26refresh_count%3D0%7Cproper_slot%3D8%26proper_sticky%3Dtrue%26proper_floor%3D0.10%26proper_bidder%3Dupi_triplelift%26proper_bid%3D0.15%26refresh_count%3D0&cust_params=post_id%3Dunknown%26member%3Dno%26category%3D%26split_version%3D30875%26proper_site%3Dupi%26proper_page%3D1%26s_depth%3D1%26tags%3Dhome%252Clatest&adks=3109548874%2C1870747140%2C1464917774%2C784876494&frm=20&eoidce=1

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f2.1e100.net

Software

cafe /

Resource Hash

4f3b415c53c7a9bb18bedcc90e30d735e922f8121ad8494bb3792199abfb5b20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-expose-headers: x-google-amp-ad-validated-version
content-encoding: br
google-lineitem-id: -1,-1,-1,-1
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1,-1,-1,-1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.upi.com
content-length: 96865
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
21ae7d89aebe0cf72e909854c5dacee5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 25C2 0
0 324ms
139ms Document
text/html 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://21ae7d89aebe0cf72e909854c5dacee5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 10:11:34 GMT
expires: Tue, 03 Dec 2024 10:11:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 502ms
248ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"6549fe8e-17704"
cross-origin-resource-policy: cross-origin
expires: Wed, 04 Dec 2024 10:11:34 GMT
access-control-allow-origin: *
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: text/javascript
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx

POST
H2 204 collect
analytics.google.com/g/ 0
0 280ms
125ms Fetch
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FVWZ0RM4DH&gtm=45je4bk0v9116367008za200&_p=1733220693795&_gaz=1&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=856184941.1733220692&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&uid=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&sid=1733220694&sct=1&seg=0&dl=https%3A%2F%2Fwww.upi.com%2F&dt=Top%20News%2C%20Latest%20headlines%2C%20Latest%20News%2C%20World%20News%20%26amp%3B%20U.S%20News%20-%20UPI.com&en=page_view&_fv=1&_ss=1&_ee=1&ep.dimension3=615&ep.dimension4=www.upi.com&ep.dimension5=%2F&ep.dimension7=d7af248dafbc86946896d6a590eeea6b&tfd=4374
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.upi.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
542 B 493ms
164ms Ping
text/plain 2404:6800:4008:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FVWZ0RM4DH&cid=856184941.1733220692&gtm=45je4bk0v9116367008za200&aip=1&uid=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&dma=0&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.upi.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame FF92 0
0 517ms
186ms Document
text/html 2404:6800:4004:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-FVWZ0RM4DH&gacid=856184941.1733220692&gtm=45je4bk0v9116367008za200&dma=0&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=816117958

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 10:11:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 398ms
198ms Image
image/gif 216.58.220.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FVWZ0RM4DH&cid=856184941.1733220692&gtm=45je4bk0v9116367008za200&aip=1&uid=AU1D-0100-001733220694-R3AJ1CJX-D9QJ&dma=0&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1245623008

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.220.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd10s01-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 03 Dec 2024 10:11:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 supply Show response
events.browsiprod.com/events/v2/ 0
98 B 186ms
184ms XHR
text/plain 54.68.191.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/v2/supply?p=da93e812-82db-49af-9d28-79c9b06b31e9
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.34.599.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.68.191.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-191-138.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

date: Tue, 03 Dec 2024 10:11:34 GMT
access-control-allow-origin: https://www.upi.com
access-control-allow-credentials: true

GET
H2 200 abd.js Show response
cdn.browsiprod.com/ 3 KB
2 KB 96ms
96ms Script
application/javascript 13.35.210.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/abd.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.210.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-210-115.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.upi.com
Referer: https://www.upi.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
etag: W/"bc70a2c30105ea2f98d83f5ad623fc39"
age: 51984
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: qtZRRT3PpcYS8Q1wa0PMjLRyHyZYflsXQI39vzJda4JXkV9vU49Isg==
date: Mon, 02 Dec 2024 19:45:11 GMT
content-type: application/javascript
last-modified: Sun, 08 Jul 2018 12:47:26 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
via: 1.1 c93bfd4f62a8ed5468af1245c68ba454.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SIN2-P7
server: AmazonS3

GET
H2 200 v2 Show response
ai.browsiprod.com/scroll/ 34 B
369 B 270ms
184ms XHR
application/json 18.65.244.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ai.browsiprod.com/scroll/v2?pk=sovrn&sk=upicom&h=5&gl=au&os=Linux&d=Unknown%20Desktop%7CEmulator&dt=DESKTOP&ts=DEFAULT&b=Chrome&pl=6072&mc=-1&sl=1200&ul=0&to=790&almi=0&v=scroll-predictor-v2&sf=0&iru=false&uva=0&uvs=0&vp=0&p=0&i=0&cs=0&cr=0
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.34.599.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.244.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-244-97.syd3.r.cloudfront.net
Software: / Express
Resource Hash: 3d6343d927bd6f42d334242e2d540a3321641933ec01cf11354bdfa6518fc77d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-expose-headers: *
etag: W/"22-1WnyEnKFTlrWJQYy9xl7GSTyCaQ"
via: 1.1 eeb64902174f0e1f0d97e045fce78e24.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 34
x-amz-cf-id: KV6T5Yb9yrz9J2VZ-nTzY7UlTAIv1VDKXozpO6VGjaq3JLkUN8siNw==
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
x-amz-cf-pop: SYD3-P1

GET
H2 200 profit Show response
ai.browsiprod.com/ 34 B
368 B 267ms
181ms XHR
application/json 18.65.244.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ai.browsiprod.com/profit?mc=-1&pl=6072&pk=sovrn&sk=upicom&d=Unknown%20Desktop%7CEmulator&dt=DESKTOP&os=Linux&sc=1b68cb2a-f11c-488d-807f-d5cdf9ef30da_A&ts=DEFAULT&iru=false&gl=au&aa=1424&aid=upicom_-664801803_2107954603&h=5&iamin=0&tamin=0&samin=0&ramin=0&v=profit-predictor
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.34.599.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.244.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-244-97.syd3.r.cloudfront.net
Software: / Express
Resource Hash: 75b0c0279799a26556befac6a8069834770427601159d8bc49cb01c0634cee0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-expose-headers: *
etag: W/"22-3Jt958nQTBnW5WGVNkCJAY8VO08"
via: 1.1 eeb64902174f0e1f0d97e045fce78e24.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 34
x-amz-cf-id: sZvUEJW4zbzQa_VxtRh55uVWIeYaORdTRcdjY-ESe1zSiJi8qtrxWQ==
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
x-amz-cf-pop: SYD3-P1

POST
H2 204 supply Show response
events.browsiprod.com/events/v2/ 0
98 B 185ms
183ms XHR
text/plain 54.68.191.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/v2/supply?p=da93e812-82db-49af-9d28-79c9b06b31e9
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.34.599.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.68.191.138 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-191-138.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

date: Tue, 03 Dec 2024 10:11:34 GMT
access-control-allow-origin: https://www.upi.com
access-control-allow-credentials: true

GET
H2 200 join-ad-interest-groups.html
proton.ad.gt/ Frame B777 0
0 82ms
30ms Document
text/html 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://proton.ad.gt/join-ad-interest-groups.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
ad-auction-allowed: true
age: 57
apigw-requestid: CNPtNhWkPHcEJGA=
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 8ec2c5fc3b4855f2-ADL
content-encoding: br
content-type: text/html
date: Tue, 03 Dec 2024 10:11:34 GMT
last-modified: Tue, 03 Dec 2024 08:50:28 GMT
server: cloudflare
supports-loading-mode: fenced-frame
vary: Accept-Encoding

POST
H2 204 event Show response
p.ad.gt/api/v1/ 0
34 B 226ms
225ms XHR
text/plain 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.upi.com/

Response headers

cf-ray: 8ec2c5fdfecfec7e-ADL
access-control-allow-origin: https://www.upi.com
cf-cache-status: DYNAMIC
date: Tue, 03 Dec 2024 10:11:34 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

POST
H2 204 event Show response
p.ad.gt/api/v1/ 0
33 B 226ms
224ms XHR
text/plain 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/615
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.upi.com/

Response headers

cf-ray: 8ec2c5fdeec0ec7e-ADL
access-control-allow-origin: https://www.upi.com
cf-cache-status: DYNAMIC
date: Tue, 03 Dec 2024 10:11:34 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

OPTIONS
H2 200 event
p.ad.gt/api/v1/ Frame 0
0 240ms
239ms Preflight
text/html 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.upi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.upi.com
allow: OPTIONS, POST
cf-cache-status: DYNAMIC
cf-ray: 8ec2c5fc7cc2ec7e-ADL
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 03 Dec 2024 10:11:34 GMT
server: cloudflare
vary: Origin

OPTIONS
H2 200 event
p.ad.gt/api/v1/ Frame 0
0 226ms
225ms Preflight
text/html 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.upi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.upi.com
allow: OPTIONS, POST
cf-cache-status: DYNAMIC
cf-ray: 8ec2c5fc7cc5ec7e-ADL
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 03 Dec 2024 10:11:34 GMT
server: cloudflare
vary: Origin

GET
H2 200 / Show response
d0.eu-3-id5-sync.com/ 1 B
143 B 1475ms
325ms Fetch
text/plain 51.195.127.115
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://d0.eu-3-id5-sync.com/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.127.115 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip115.ip-51-195-127.eu
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d1.eu-3-id5-sync.com/ 1 B
143 B 1459ms
330ms Fetch
text/plain 51.195.73.113
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://d1.eu-3-id5-sync.com/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.113 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip113.ip-51-195-73.eu
Software: /
Resource Hash: a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d2.eu-3-id5-sync.com/ 1 B
143 B 1458ms
315ms Fetch
text/plain 135.125.146.86
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://d2.eu-3-id5-sync.com/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.146.86 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip86.ip-135-125-146.eu
Software: /
Resource Hash: 4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d3.eu-3-id5-sync.com/ 1 B
143 B 1462ms
323ms Fetch
text/plain 51.195.73.82
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://d3.eu-3-id5-sync.com/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.82 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip82.ip-51-195-73.eu
Software: /
Resource Hash: e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d4.eu-3-id5-sync.com/ 1 B
143 B 1462ms
320ms Fetch
text/plain 135.125.146.82
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://d4.eu-3-id5-sync.com/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.146.82 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip82.ip-135-125-146.eu
Software: /
Resource Hash: 2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d5.eu-3-id5-sync.com/ 1 B
143 B 1458ms
331ms Fetch
text/plain 51.195.34.220
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://d5.eu-3-id5-sync.com/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.34.220 , Jordan, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip220.ip-51-195-34.eu
Software: /
Resource Hash: 559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d6.eu-3-id5-sync.com/ 1 B
143 B 1450ms
323ms Fetch
text/plain 51.195.34.222
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://d6.eu-3-id5-sync.com/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.34.222 , Jordan, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip222.ip-51-195-34.eu
Software: /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d7.eu-3-id5-sync.com/ 1 B
143 B 1473ms
325ms Fetch
text/plain 135.125.140.162
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://d7.eu-3-id5-sync.com/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.140.162 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip162.ip-135-125-140.eu
Software: /
Resource Hash: 3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d0.eu-4-id5-sync.com/ 1 B
143 B 1459ms
317ms Fetch
text/plain 51.195.34.255
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://d0.eu-4-id5-sync.com/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.34.255 , Jordan, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip255.ip-51-195-34.eu
Software: /
Resource Hash: 6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d1.eu-4-id5-sync.com/ 1 B
143 B 1475ms
327ms Fetch
text/plain 51.195.127.100
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://d1.eu-4-id5-sync.com/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.127.100 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip100.ip-51-195-127.eu
Software: /
Resource Hash: f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d2.eu-4-id5-sync.com/ 1 B
143 B 1453ms
316ms Fetch
text/plain 135.125.146.80
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://d2.eu-4-id5-sync.com/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.146.80 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip80.ip-135-125-146.eu
Software: /
Resource Hash: df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d3.eu-4-id5-sync.com/ 1 B
143 B 1474ms
327ms Fetch
text/plain 51.195.126.30
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://d3.eu-4-id5-sync.com/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.126.30 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip30.ip-51-195-126.eu
Software: /
Resource Hash: 7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d4.eu-4-id5-sync.com/ 1 B
143 B 1458ms
322ms Fetch
text/plain 51.195.115.36
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://d4.eu-4-id5-sync.com/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.115.36 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip36.ip-51-195-115.eu
Software: /
Resource Hash: 4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d5.eu-4-id5-sync.com/ 1 B
143 B 1455ms
315ms Fetch
text/plain 51.195.127.115
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://d5.eu-4-id5-sync.com/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.127.115 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip115.ip-51-195-127.eu
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d6.eu-4-id5-sync.com/ 1 B
143 B 1471ms
324ms Fetch
text/plain 51.195.126.30
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://d6.eu-4-id5-sync.com/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.126.30 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip30.ip-51-195-126.eu
Software: /
Resource Hash: 7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d7.eu-4-id5-sync.com/ 1 B
143 B 1471ms
325ms Fetch
text/plain 135.125.145.78
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://d7.eu-4-id5-sync.com/
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.145.78 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ip78.ip-135-125-145.eu
Software: /
Resource Hash: ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H3 200 rubicon_blacklist.js Show response
fundingchoicesmessages.google.com/f/AGSKWxUY9hRyztMWF8rSJ6hcKHku9YU33b-sGF09P6ANY59nQU8zplnoRMM2uKEGma7nMCMWTQAfxymta2xVwqy9zCj8CbPsYM4MpmrzXp1lOXKGOB3GBJNYPE3cTs98w7NYnqxy6Vzm-rQm99F8pn4B_2EPznwix... 54 B
108 B 194ms
194ms Script
application/javascript 172.217.175.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUY9hRyztMWF8rSJ6hcKHku9YU33b-sGF09P6ANY59nQU8zplnoRMM2uKEGma7nMCMWTQAfxymta2xVwqy9zCj8CbPsYM4MpmrzXp1lOXKGOB3GBJNYPE3cTs98w7NYnqxy6Vzm-rQm99F8pn4B_2EPznwixVK7u5YbeOb0UKxu8ZwoGOe08CvMvP2B/_/Ads/Refresher./affiliate/promo-/ads/widget./html/ads_/rubicon_blacklist.js

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f14.1e100.net

Software

ESF /

Resource Hash

eadd018395818202cf33211bb6fa26e4455569f416d1ba94388b33d6650830af

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MnKF0AqXdXjzZsu9TlFZyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw05BikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYeO15VkcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxDPOX2ZdAMRFEldYG4CY4esVVg4gFuLhuLZp9y42gYbVj98yKWkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYGhpa6hkYxhcYAAD-GkEz"
content-security-policy: script-src 'report-sample' 'nonce-MnKF0AqXdXjzZsu9TlFZyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 71 KB
26 KB 470ms
157ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

f0b745f08fdd0c8abd0610409973433e28c288cce88fdceeb9093808a5ee937c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: br
etag: 8757421547421411085
age: 2459
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 10:30:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 03 Dec 2024 09:30:36 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 26318
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxW3uCJidoubHw6TaoQ0KmH70ROQYCBBuy4RidwOAmmFj_-7mPg5YTLWau_3puvbI7BMa3VbS9IgZ2jupaZRhUpMTqhLreuWrwu-ob6VRkjEqN3ugKKEiZpIvGv0YltSx2NwkGNMVA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 384ms
195ms XHR
text/html 172.217.175.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW3uCJidoubHw6TaoQ0KmH70ROQYCBBuy4RidwOAmmFj_-7mPg5YTLWau_3puvbI7BMa3VbS9IgZ2jupaZRhUpMTqhLreuWrwu-ob6VRkjEqN3ugKKEiZpIvGv0YltSx2NwkGNMVA==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.9z5kddtKfUo.es5.O/am=DgY/d=1/rs=AJlcJMzSFORgpwppU4pNanfOLuV662NJWg/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eRMcj2ZK-fWZqrDTBK78mQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.upi.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBicEqfwRoAxAxfr7ByALEQD8e1Tbt3sQn8WLvvBLOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0NLTUMzCNLzAAAEXGJso"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eRMcj2ZK-fWZqrDTBK78mQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.upi.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
0 0ms
0ms XHR
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software: nginx /
Resource Hash: ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"6549fe8e-17704"
cross-origin-resource-policy: cross-origin
expires: Wed, 04 Dec 2024 10:11:34 GMT
access-control-allow-origin: *
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: text/javascript
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW3uCJidoubHw6TaoQ0KmH70ROQYCBBuy4RidwOAmmFj_-7mPg5YTLWau_3puvbI7BMa3VbS9IgZ2jupaZRhUpMTqhLreuWrwu-ob6VRkjEqN3ugKKEiZpIvGv0YltSx2NwkGNMVA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z3iL1cwTH8WuI0m79qf17w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.upi.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1pBicEqfwRoAxAxfr7ByALEQD8e1Tbt3sQlc-Hf5DLOSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0NLTUMzCNLzAAAFVVJwQ"
content-security-policy: script-src 'report-sample' 'nonce-Z3iL1cwTH8WuI0m79qf17w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.upi.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 container.html
21ae7d89aebe0cf72e909854c5dacee5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0E6F 0
0 1ms
1ms Document
text/html 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://21ae7d89aebe0cf72e909854c5dacee5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 10:11:34 GMT
expires: Tue, 03 Dec 2024 10:11:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
21ae7d89aebe0cf72e909854c5dacee5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BA1D 0
0 0ms
0ms Document
text/html 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://21ae7d89aebe0cf72e909854c5dacee5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 10:11:34 GMT
expires: Tue, 03 Dec 2024 10:11:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012406252034000/ Frame 2D11 196 KB
56 KB 627ms
149ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406252034000/amp4ads-v0.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

278685d4467e915e1a1ce58a24e15dcdefbd7719acf70a59655361c35f8e273d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: br
etag: "ab8c5e684db96b44"
age: 121498
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 00:26:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 00:26:37 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 56152
x-xss-protection: 0
server: sffe

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012406252034000/v0/ Frame 2D11 15 KB
5 KB 961ms
483ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406252034000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa843245814c185e1139a54052cf819ea23a33ac393d90f3525958116681e8be

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: br
etag: "de79a6048671db85"
age: 35094
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Wed, 03 Dec 2025 00:26:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 00:26:41 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 5219
x-xss-protection: 0
server: sffe

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012406252034000/v0/ Frame 2D11 95 KB
28 KB 869ms
392ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406252034000/v0/amp-analytics-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7442d5ba404c482128280bb0416c3d62c8d06868594c1a23892b06df1ee2983a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: br
etag: "16a9579aec57c4a5"
age: 459006
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 02:41:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 02:41:29 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 29025
x-xss-protection: 0
server: sffe

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012406252034000/v0/ Frame 2D11 5 KB
2 KB 863ms
386ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406252034000/v0/amp-fit-text-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a66f520e5a1676afa712f63b38fec877047301b208e1d2df15fd94d16a2435

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: br
etag: "b7204740773aee25"
age: 459006
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 02:41:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 02:41:29 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 1907
x-xss-protection: 0
server: sffe

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012406252034000/v0/ Frame 2D11 40 KB
13 KB 937ms
460ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012406252034000/v0/amp-form-0.1.mjs

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e284c175ea1cd1866d5d88171f3ca5fcad2b370093f0ae7891c152827a12dd0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: br
etag: "c65b00eac3dcf073"
age: 459006
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Fri, 28 Nov 2025 02:41:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 02:41:29 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 12949
x-xss-protection: 0
server: sffe

GET
H2 200 css
fonts.googleapis.com/ Frame 2D11 4 KB
801 B 140ms
139ms Stylesheet
text/css 2404:6800:4006:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d95ef68aba30eecf80756ae2645af00669c14c2def73eb5d528a5f767e3392d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 10:11:35 GMT
alt-svc: h3=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:35 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 03 Dec 2024 08:36:18 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13260932188029602904/ Frame 2D11 18 KB
18 KB 447ms
43ms Image
image/jpeg 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13260932188029602904/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ceb9b9fb1763f9367fc3c3c483eede18b73d9de8ed3103a70ed1fc0e8054847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

age: 231392
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 17:55:03 GMT
alt-svc: h3=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Sat, 30 Nov 2024 17:55:03 GMT
last-modified: Fri, 01 Mar 2024 22:41:35 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 18102
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ Frame 2D11 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36b4ff7616d9ddd57312d4ca4c0903123d0313008102b307412d24314a79f150

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 container.html
21ae7d89aebe0cf72e909854c5dacee5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B8A3 0
0 4ms
4ms Document
text/html 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://21ae7d89aebe0cf72e909854c5dacee5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 10:11:34 GMT
expires: Tue, 03 Dec 2024 10:11:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2D11 3 KB
3 KB 416ms
42ms Image
image/png 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: public, max-age=86400
timing-allow-origin: *
etag: 15880770647744369592
age: 82531
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 11:16:04 GMT
alt-svc: h3=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2982
x-xss-protection: 0
date: Mon, 02 Dec 2024 11:16:04 GMT
content-type: image/png
vary: Accept-Encoding
server: cafe

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2D11 344 B
449 B 437ms
63ms Image
image/png 2404:6800:4006:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:804::2001 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: public, max-age=86400
timing-allow-origin: *
etag: 6766994032117382215
age: 59283
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 17:43:32 GMT
alt-svc: h3=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 344
x-xss-protection: 0
date: Mon, 02 Dec 2024 17:43:32 GMT
content-type: image/png
vary: Accept-Encoding
server: cafe

GET
H3

200

B29069693.388207684;dc_pre=CLC1kp-ui4oDFUtRwgUdiccsxg;dc_trk_aid=579571654;dc_trk_cid=210028420;ord=1033399074;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_...
ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/ Frame 2D11
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.388207684;dc_trk_aid=579571654;dc_trk_cid=210028420;ord=1033399074;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr...
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.388207684;dc_pre=CLC1kp-ui4oDFUtRwgUdiccsxg;dc_trk_aid=579571654;dc_trk_cid=210028420;ord=1033399074;dc_lat=;dc_rdid=;tag_for_ch...

42 B
68 B

203ms
202ms

Image
image/gif

172.217.26.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.388207684;dc_pre=CLC1kp-ui4oDFUtRwgUdiccsxg;dc_trk_aid=579571654;dc_trk_cid=210028420;ord=1033399074;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Server

172.217.26.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bom05s09-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Tue, 03 Dec 2024 10:11:36 GMT
x-xss-protection: 0
content-type: image/gif
attribution-reporting-register-source: {"aggregation_keys":{"628888628":"0x44d04b7751828e480000000000000000","628888629":"0xedd181f466d4b2450000000000000000","628888630":"0x1c864da74cc403860000000000000000","628888631":"0xac70eff3ececc93b0000000000000000"},"debug_key":"384317207022136228","debug_reporting":true,"destination":["https://squarespace.com","https://debugconversiondomain1.com","https://debugconversiondomain2.com"],"event_report_windows":{"end_times":[86400,604800,2592000]},"expiry":"2592000","filter_data":{"14":[],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["8103537"]},"max_event_level_reports":2,"priority":"0","source_event_id":"11252984527590166268"}
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B29069693.388207684;dc_pre=CLC1kp-ui4oDFUtRwgUdiccsxg;dc_trk_aid=579571654;dc_trk_cid=210028420;ord=1033399074;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=;dc_tdv=1?
pragma: no-cache
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 03 Dec 2024 10:11:35 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2D11
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CnyTCVtlOZ-_fA4PFjMwP0PjNgAbZsbWWe7f5yrOrEq4CEAEg2Oq2IGCluJqAnAGgAdL4y-IDyAEJ4AIAqAMByAMKqgShAk_QwSqXs0Vs5l1CaPcRLINjPhSwiE8eTcqqv0FetCDZSvxO...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf0d4ed770f24e9ee0000000000000000%22,%222%22:%220x5d4b83c834f80b700000000000000000%22,%223%22:%220xb7853d...

0
20 B

408ms
191ms

Image
text/css

142.250.199.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf0d4ed770f24e9ee0000000000000000%22,%222%22:%220x5d4b83c834f80b700000000000000000%22,%223%22:%220xb7853d02431226920000000000000000%22,%224%22:%220x8c251809e655a71a0000000000000000%22,%225%22:%220x2a7dcd23c68955a30000000000000000%22},%22debug_key%22:%227815273449501077921%22,%22debug_reporting%22:true,%22destination%22:%22https://squarespace.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221012071506%22],%2222%22:[%22true%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225158004066114372497%22}&andc=true

Requested by

Host: www.upi.com
URL: https://www.upi.com/

Protocol

Server

142.250.199.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: private
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 10:11:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Tue, 03 Dec 2024 10:11:35 GMT
x-xss-protection: 0
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xf0d4ed770f24e9ee0000000000000000","2":"0x5d4b83c834f80b700000000000000000","3":"0xb7853d02431226920000000000000000","4":"0x8c251809e655a71a0000000000000000","5":"0x2a7dcd23c68955a30000000000000000"},"debug_key":"7815273449501077921","debug_reporting":true,"destination":"https://squarespace.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1012071506"],"22":["true"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"5158004066114372497"}
content-type: text/css; charset=UTF-8
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xf0d4ed770f24e9ee0000000000000000","2":"0x5d4b83c834f80b700000000000000000","3":"0xb7853d02431226920000000000000000","4":"0x8c251809e655a71a0000000000000000","5":"0x2a7dcd23c68955a30000000000000000"},"debug_key":"7815273449501077921","debug_reporting":true,"destination":"https://squarespace.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1012071506"],"22":["true"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"5158004066114372497"}&andc=true
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 03 Dec 2024 10:11:35 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: cafe

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW3uCJidoubHw6TaoQ0KmH70ROQYCBBuy4RidwOAmmFj_-7mPg5YTLWau_3puvbI7BMa3VbS9IgZ2jupaZRhUpMTqhLreuWrwu-ob6VRkjEqN3ugKKEiZpIvGv0YltSx2NwkGNMVA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8M_kuV5w8Pz_g0vMFoSv0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.upi.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:35 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw15BicEqfwRoAxAxfr7ByALEQD8f1Tbt3sQnseDjlJ6OSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0NLTUMzCNLzAAAD6_Jrg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8M_kuV5w8Pz_g0vMFoSv0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.upi.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW3uCJidoubHw6TaoQ0KmH70ROQYCBBuy4RidwOAmmFj_-7mPg5YTLWau_3puvbI7BMa3VbS9IgZ2jupaZRhUpMTqhLreuWrwu-ob6VRkjEqN3ugKKEiZpIvGv0YltSx2NwkGNMVA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-doWKoNaBsqMSs2r_wkRQ2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.upi.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:35 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw1JBiWMS_i8kpfQZrABAzfL3CygHEQjwc1zft3sUmcGLNtJ-MSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjE0NDQUs_ANL7AAADKkigA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-doWKoNaBsqMSs2r_wkRQ2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.upi.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxVqctnfck3m6DffSiXMbWovaV6K5TuqNg3JVM0aFaXIqgsuxu0J7GyzyxTHYiLh-fxUyigWCZ6SDTnY8xUW1-Lf7hSkXymVu2iqwV-nUsvZ49YWdrf-CwYZzjRlszljeh3nTWAWdw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 216ms
216ms Script
application/javascript 172.217.175.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVqctnfck3m6DffSiXMbWovaV6K5TuqNg3JVM0aFaXIqgsuxu0J7GyzyxTHYiLh-fxUyigWCZ6SDTnY8xUW1-Lf7hSkXymVu2iqwV-nUsvZ49YWdrf-CwYZzjRlszljeh3nTWAWdw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzMjIwNjk1LDQyNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4tR0IiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cudXBpLmNvbS8iLG51bGwsW1s4LCI5ejVrZGR0S2ZVbyJdLFs5LCJlbi1HQiJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f14.1e100.net

Software

ESF /

Resource Hash

bbc1643a30190ad635d0bfb12e6955054210f91de62355742c987d388feecc73

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-by3s2WfgmUzHOgqAYmglhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:35 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0pBiOHnrNtNFIJb4-pJJDYid0mewBgBx681zrJOB2HjteVZHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQzzl9mXQDERRJXWBuAmOHrFVYOIBbi4bi-afcuNoEfi741MSlpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGBoaWuoZGMYXGAAAJtxGVw"
content-security-policy: script-src 'report-sample' 'nonce-by3s2WfgmUzHOgqAYmglhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 2D11 18 KB
18 KB 175ms
175ms Font
font/woff2 142.250.199.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f3.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.upi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 314341
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 29 Nov 2025 18:52:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 18:52:34 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18588
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ Frame 2D11 18 KB
18 KB 174ms
174ms Font
font/woff2 142.250.199.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.199.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.upi.com
Referer: https://fonts.googleapis.com/

Response headers

age: 284518
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 03:09:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 03:09:37 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 186ms
184ms XHR
application/octet-stream 44.231.120.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.120.165 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-120-165.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

Access-Control-Allow-Origin: *
Content-Length: 0
Date: Tue, 03 Dec 2024 10:11:35 GMT
Content-Type: application/octet-stream
Connection: keep-alive

POST
H3 204 AGSKWxUJdW01agMQ07DPVS0dwe83sYWYEQayRZzcGGWKqfs5J0vFpW9Q2U0yp53TAmcdAesdfnsDiTSSspSRzJ-iXxMpxHw5h28-HvJFQWWzQbQ3Gi1zB0qiJfx-DjZRQmZz-D5fACaMJg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 202ms
200ms XHR
text/html 172.217.175.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUJdW01agMQ07DPVS0dwe83sYWYEQayRZzcGGWKqfs5J0vFpW9Q2U0yp53TAmcdAesdfnsDiTSSspSRzJ-iXxMpxHw5h28-HvJFQWWzQbQ3Gi1zB0qiJfx-DjZRQmZz-D5fACaMJg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.175.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s18-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0UziWF9eddm-toF-lHi1Eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.upi.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:35 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBicEqfwRoAxAxfr7ByALEQD8f1Tbt3sQk8eH7nM5OSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0NLTUMzCNLzAAAGAiJys"
content-security-policy: script-src 'report-sample' 'nonce-0UziWF9eddm-toF-lHi1Eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.upi.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H2 200 v3 Show response
id5-sync.com/gm/ 700 B
1 KB 333ms
332ms XHR
application/json 162.19.138.118
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

6ab990c5346b7c5e092c7b1a001db0c632d657372cdfabadc40be65cea388bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.upi.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.upi.com
p3p: CP="CAO PSA OUR"
date: Tue, 03 Dec 2024 10:11:36 GMT
content-type: application/json
vary: Origin

GET view
securepubads.g.doubleclick.net/btr/ Frame 2D11 0
0

GET

match
ps.eyeota.net/
Redirect Chain

https://id5-sync.com/i/445/8.gif?o=api&id5id=ID5*AIsz7S_l4ymYTbiGftrFQ6G1Ti-Noe0bcFLxTaUyv6ve9gPT9Mfj_F9_uRQuWN3n&gdpr_consent=undefined&gdpr=false
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F445%2F10%2F7%2F2.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/445/10/7/2.gif?puid=1477490157425142451&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=f7c9fd7d-6960-4110-a217-428d06484f04&ttl=%%TTL%%
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F445%2F108%2F5%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
https://id5-sync.com/c/445/108/5/4.gif?puid=a5b855d8-ca41-4ac1-9a54-0d7bba2b6889&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F445%2F112%2F4%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/445/112/4/5.gif?puid=9ADE310F7E8A275&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/445/2/3/6.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/445/2/3/6.gif?puid=5026676596621795076&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F445%2F123%2F2%2F7.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D

0
0

GET
H3

200

pd
propermedia-d.openx.net/w/1.0/ Frame 9C72
Redirect Chain

https://propermedia-d.openx.net/w/1.0/pd?&
https://propermedia-d.openx.net/w/1.0/pd?cc=1&&

0
0

127ms
127ms

Document
text/html

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://propermedia-d.openx.net/w/1.0/pd?cc=1&&
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 482
content-type: text/html
date: Tue, 03 Dec 2024 10:11:37 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 03 Dec 2024 10:11:37 GMT
location: https://propermedia-d.openx.net/w/1.0/pd?cc=1&&
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame DD06 0
0 66ms
20ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 86155
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 03 Dec 2024 10:11:38 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 17 May 2024 08:31:56 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 866794, 106336
X-Served-By: cache-lga21993-LGA, cache-adl2040023-ADL
X-Timer: S1733220698.308372,VS0,VE0

GET
H2 200 iframe
sync.teads.tv/ Frame 9FA7 0
0 465ms
379ms Document
text/html 23.221.133.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.221.133.105 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-133-105.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.1 /
Resource Hash

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 153
content-type: text/html; charset=UTF-8
date: Tue, 03 Dec 2024 10:11:38 GMT
expires: Tue, 03 Dec 2024 10:11:38 GMT
pragma: no-cache
server: pekko-http/1.0.1

GET
H2 200 usync.html
eus.rubiconproject.com/ Frame 7852 0
0 49ms
48ms Document
text/html 23.221.133.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&_t=Tue%20Dec%2003%202024%2018:11:32%20GMT+0800%20(Australian%20Western%20Standard%20Time)
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.221.133.65 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-133-65.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html; charset=UTF-8
date: Tue, 03 Dec 2024 10:11:38 GMT
etag: "2052a-10d-6142d69a886c0"
last-modified: Thu, 21 Mar 2024 15:32:19 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 showad.js
ads.pubmatic.com/AdServer/js/ Frame C89E 0
0 45ms
45ms Document
text/html 23.221.132.242
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.221.132.242 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-132-242.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=138294
content-encoding: gzip
content-length: 15624
content-type: text/html
date: Tue, 03 Dec 2024 10:11:38 GMT
expires: Thu, 05 Dec 2024 00:36:32 GMT
last-modified: Wed, 13 Nov 2024 05:15:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync
eb2.3lift.com/ Frame 9941 0
0 133ms
132ms Document
text/html 52.223.2.229

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.223.2.229 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1093
content-type: text/html; charset=utf-8
date: Tue, 03 Dec 2024 10:11:39 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

beacon
ce.lijit.com/ Frame 0475
Redirect Chain

https://ap.lijit.com/beacon?informer=13412165&_t=Tue%20Dec%2003%202024%2018:11:33%20GMT+0800%20(Australian%20Western%20Standard%20Time)
https://ce.lijit.com/beacon?informer=13412165&_t=Tue%20Dec%2003%202024%2018:11:33%20GMT+0800%20(Australian%20Western%20Standard%20Time)

0
0

186ms
186ms

Document
text/html

54.188.228.126

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/beacon?informer=13412165&_t=Tue%20Dec%2003%202024%2018:11:33%20GMT+0800%20(Australian%20Western%20Standard%20Time)
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.188.228.126 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.upi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-encoding: gzip
content-length: 1238
content-type: text/html
date: Tue, 03 Dec 2024 10:11:40 GMT
expires: Fri, 20 Mar 2009 00:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
vary: Accept-Encoding

Redirect headers

content-length: 110
content-type: text/html
date: Tue, 03 Dec 2024 10:11:40 GMT
location: https://ce.lijit.com:443/beacon?informer=13412165&_t=Tue%20Dec%2003%202024%2018:11:33%20GMT+0800%20(Australian%20Western%20Standard%20Time)
server: awselb/2.0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 124ms
122ms Fetch
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BWJ5YG01BR&gtm=45je4bk0v879172129za200&_p=1733220690953&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=856184941.1733220692&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&sid=1733220692&sct=1&seg=0&dl=https%3A%2F%2Fwww.upi.com%2F&dt=Top%20News%2C%20Latest%20headlines%2C%20Latest%20News%2C%20World%20News%20%26amp%3B%20U.S%20News%20-%20UPI.com&_s=2&tfd=10661
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d3terveqlssriz/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.upi.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.upi.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:40 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 csi
csi.gstatic.com/ 0
532 B 619ms
205ms Ping
image/gif 2404:6800:4004:822::2003

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~m48aunpd&ctx=0&met.9=1.2ay~2.2ew&met.3=112.4dx_1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:822::2003 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.upi.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 10:11:40 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.advertising.com
URL: https://pixel.advertising.com/ups/58316/sync?redir=true&&callback=window.proper_a2ead438_4f52da54_2

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6Ra2172E9APeYrjmleBEZlNn&bidId=6Ra2172E9APeYrjmleBEZlNn&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=8573852b-6d25-4d99-9272-6278287e6ed5&pubcid=8573852b-6d25-4d99-9272-6278287e6ed5&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22f87d3dee-ba65-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=AnJeZFgMGA52fQTo2RUQur4N&bidId=AnJeZFgMGA52fQTo2RUQur4N&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=8573852b-6d25-4d99-9272-6278287e6ed5&pubcid=8573852b-6d25-4d99-9272-6278287e6ed5&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22f87d3dee-ba65-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Yx1I35UitWmIX4DecygjkkpL&bidId=Yx1I35UitWmIX4DecygjkkpL&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=8573852b-6d25-4d99-9272-6278287e6ed5&pubcid=8573852b-6d25-4d99-9272-6278287e6ed5&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22f87d3dee-ba65-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D

Domain: truncated
URL: data:truncated

Domain: aps.zqtk.net
URL: https://aps.zqtk.net/30d863b2-37?url=https%3A%2F%2Fwww.upi.com%2F

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/btr/view?ai=CnyTCVtlOZ-_fA4PFjMwP0PjNgAbZsbWWe7f5yrOrEq4CEAEg2Oq2IGCluJqAnAGgAdL4y-IDyAEJ4AIAqAMByAMKqgShAk_QwSqXs0Vs5l1CaPcRLINjPhSwiE8eTcqqv0FetCDZSvxOKM618M2M43FhGJEnZN2XUINg2SQfB6OpMGwRSs1K1yY21oFLkzRz38h-uoT_YKghwIfXzt2DFG_49v8OzVz5wWRK9EmO1Pax6ccURdj26or_avGQqIwx98RtlsqlXwRCCsd17kuHv0_1izLFGgmNxH5R6zvV2Hf2KQLfJ83OYT6LlF-xncgKkBFne7erPmwIDV0c4IXzq-yRNr1N8QQp6qPh06_GRuGqx8Y6eUOcLlE8L9ZqOOn7oggR-U8ph1gnaT6VByrMLo2g4EuvPir4rTa-2Dxc8Fp2dF-7ecfNcELSzOwb4kkgqxzXmL47MQkWBW8wWMLY4PZWvffl1KbABImou464AuAEAYgFo9X4rh6gBi6AB4GI1kOoB9XJG6gH2baxAqgHpr4bqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAf3wrEC2AcA8gcEEOehEtIIJgiAYRABGB0yAooCOguAQIDAgICAoKiAAki9_cE6WJWgo56ui4oDmgkpaHR0cHM6Ly93d3cuc3F1YXJlc3BhY2UuY29tLz9nYWRfc291cmNlPTWACgPICwHaDBAKChDQyezKqtj4q2kSAgED4g0TCNHho56ui4oDFYMigwMdUHwTYOoNEwj1zqSerouKAxWDIoMDHVB8E2DYEwPQFQGAFwGyFyAKHAgAEhRwdWItNjYxMDgwMjYwNDA1MTUyMxjQnBIYAboXAjgBshgJEgLlWRguIgEA0BgB&sigh=EHm9pnMGM80&uach_m=%5B%5D&ase=2&nis=4&cid=CAQSYACa7L7dRFH3iYjs3tmn4s4vNYLr24FgX49_rY5-36DHAtAQznRG57HS_gt9lIJctD0p8_JCp6y0TAG3aiYSGre3HMoOUW379QPzGRGwOqiAdHqAkPV9Z6r54LkYJTC6_RgB&template_id=5000&ibtr=1

Domain: ps.eyeota.net
URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F445%2F123%2F2%2F7.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D

Verdicts & Comments Add Verdict or Comment

299 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

158 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.smartadserver.com/api	1970-01-21 03:36:36	Name: pid Value: 6392267228221547411
.upi.com/	1970-01-21 01:27:02	Name: __cf_bm Value: cySGICWNCs.WCuGm7t2L0mOslm5wH4g0Gx9ljgrfRs0-1733220690-1.0.1.1-E8Pno0bgiA1U5D3nk_SjgtvJI1aUqEBP1.lhr8sMMnxcwzcwZ_e5aut2BjADd4ylIIbv49rxDEp..Nd77AZq_A
.upi.com/	1970-01-21 01:41:24	Name: _upi_uid Value: 7be69f69-e6c5-486d-b872-3aac8afd44b0
.upi.com/	1970-01-21 10:55:48	Name: _cb Value: C1rNbkC81B2ILpYu8
.upi.com/	1970-01-21 10:55:48	Name: _chartbeat2 Value: .1733220691526.1733220691526.1.V5kGxC_ENLrjC2eFC_HxJTB-BWAZ.1
.upi.com/	1970-01-21 01:27:02	Name: _cb_svref Value: external
.upi.com/	1970-01-21 11:03:00	Name: _ga Value: GA1.1.856184941.1733220692
.yahoo.com/	1970-01-21 10:12:58	Name: A3 Value: d=AQABBFTZTmcCEA5jVf6H8v-UCjClhuyoXq0FEgEBAQEqUGdYZw38xiMA_eMAAA&S=AQAAAhaesM1THo952z7oLLem40M
.lijit.com/	1970-01-21 01:28:27	Name: lijitAcc3PC Value: 1
.33across.com/	1970-01-21 10:12:36	Name: check Value: true
.openx.net/	1970-01-21 10:12:36	Name: receive-cookie-deprecation Value: 1
prebid.media.net/	1970-01-21 05:46:12	Name: receive-cookie-deprecation Value: 1
.teads.tv/	1970-01-21 10:11:10	Name: tt_viewer Value: 5d002e18-bb13-4329-a904-13c03f2567af
.gumgum.com/	1970-01-21 10:12:36	Name: vst Value: a_ae6d56e1-e58a-4207-9fe5-a856296bc135
.quantserve.com/	1970-01-21 10:57:15	Name: mc Value: 674ed955-51434-531a1-391ba
.upi.com/	1970-01-21 10:51:29	Name: __qca Value: P0-183998951-1733220693255
.lijit.com/	1970-01-21 10:12:36	Name: _ljtrtb_263069 Value: 8573852b-6d25-4d99-9272-6278287e6ed5
.crwdcntrl.net/	1970-01-21 07:55:48	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-21 07:55:48	Name: _cc_id Value: fda96bc51bb1cb481f0bc84d4ce4ac71
.upi.com/	1970-01-21 01:27:00	Name: lotame_domain_check Value: upi.com
.upi.com/	1970-01-21 07:55:48	Name: _cc_id Value: fda96bc51bb1cb481f0bc84d4ce4ac71
.upi.com/	1970-01-21 01:37:05	Name: panoramaId_expiry Value: 1733825493364
.upi.com/	1970-01-21 01:37:05	Name: panoramaId Value: e12b2b6b288e917e2153c1556c5c185ca02c78e39f5a01540eec45ffa0842020
.upi.com/	1970-01-21 01:37:05	Name: panoramaIdType Value: panoDevice
.3lift.com/	1970-01-21 03:36:36	Name: receive-cookie-deprecation Value: 1
.3lift.com/	1970-01-21 03:36:36	Name: tluid Value: 656991213752856503432
.criteo.com/	1970-01-21 10:48:36	Name: cto_bundle Value: 86urCF9Td0dpN0NKcmxQWDc4JTJCWlM2RGdzU09vTFZGbExzaSUyQkxkckhrZnVxV3VweTdwTnhHUGV0NiUyQmxDY0p1UkR3bGtGUHElMkJtcnVmTjJhdVFtJTJCJTJCVHFaU0RWRzIxOWZBSVdOVzUwYlBLR0pxYVp0USUzRA
www.upi.com/	1970-01-21 01:27:02	Name: __browsiSessionID Value: 0412b45e-f2f9-4d14-8b51-f5d17432b231&false&DEFAULT&au&desktop-4.34.599&false
www.upi.com/	1970-01-21 10:12:36	Name: __browsiUID Value: fb778f98-f457-422f-9ff7-fd7578359f82
.ad.gt/	1969-12-31 23:59:59	Name: au_3p_check Value: 1
.upi.com/	1970-01-21 10:12:36	Name: _au_1d Value: AU1D-0100-001733220694-R3AJ1CJX-D9QJ
.lijit.com/	1970-01-21 10:12:36	Name: ljt_reader Value: JxOjABZHHtG9Hu4VSZudgiuH
.adsrvr.org/	1970-01-21 10:12:36	Name: TDID Value: f7c9fd7d-6960-4110-a217-428d06484f04
.tapad.com/	1970-01-21 02:53:24	Name: TapAd_TS Value: 1733220693856
.tapad.com/	1970-01-21 02:53:24	Name: TapAd_DID Value: a5b855d8-ca41-4ac1-9a54-0d7bba2b6889
.adnxs.com/	1970-01-21 11:03:00	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:36:36	Name: icu Value: ChgIr-19EAoYASABKAEw1bK7ugY4AUABSAEQ1bK7ugYYAA..
.proper.io/	1970-01-21 10:12:36	Name: sovrn_instream Value: JxOjARZHSKg2KXRUSnmrWvcX
.proper.io/	1970-01-21 10:12:36	Name: sovrn_outstream Value: JxOjARZHSKg2KXRUSnmrWvcX
.upi.com/	1970-01-21 11:03:00	Name: _ga_FVWZ0RM4DH Value: GS1.1.1733220694.1.0.1733220694.60.0.0
.pubmatic.com/	1970-01-21 10:12:36	Name: KADUSERCOOKIE Value: 8A515A70-B61B-4A3A-BD82-ACAA10A336C6
.demdex.net/	1970-01-21 05:46:12	Name: demdex Value: 87131684920857892474432386366920120951
.rubiconproject.com/	1970-01-21 10:12:36	Name: khaos Value: M48AUMPK-1G-BIL1
.rubiconproject.com/	1970-01-21 10:12:36	Name: khaos_p Value: M48AUMPK-1G-BIL1
.adnxs.com/	1970-01-21 03:36:36	Name: XANDR_PANID Value: aT5ub2WvJZ3xxIgfJkBUw5nc5HjuTVTMLjZM_m-hzVJSrAJnWpKdjhCEBhYA57SzYkfyw5AXkMqf6nIBKJGDZzbAwNh4fsheLWm9tgew2i0.
.adnxs.com/	1970-01-21 03:36:36	Name: uuid2 Value: 5026676596621795076
.dpm.demdex.net/	1970-01-21 05:46:12	Name: dpm Value: 87131684920857892474432386366920120951
.ad.gt/	1970-01-21 10:12:36	Name: au_id Value: AU1D-0100-001733220694-R3AJ1CJX-D9QJ
.tapad.com/	1970-01-21 02:53:24	Name: TapAd_3WAY_SYNCS Value: 1!8122
.amazon-adsystem.com/	1970-01-21 06:29:24	Name: ad-id Value: A_Q0UgiCCkqRiPtB34X6JaY
.amazon-adsystem.com/	1970-01-21 11:03:00	Name: ad-privacy Value: 0
.turn.com/	1970-01-21 05:46:12	Name: uid Value: 4210054937772327184
.go.sonobi.com/	1970-01-21 10:12:36	Name: __uis Value: 9b41cd6c-8834-469c-b90c-09a6973870d3
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB3G Value: s3599\|Z07ZW
.smaato.net/	1970-01-21 01:57:15	Name: SCM Value: 52f7d55491
.smaato.net/	1970-01-21 01:57:15	Name: SCMaps Value: 52f7d55491
.media.net/	1970-01-21 10:12:36	Name: visitor-id Value: 3762222948322011000V10
.onetag-sys.com/	1970-01-21 10:56:47	Name: OTP Value: vSKGtNAZsoP-O-8Tr_-LLtZhSR8g9wWlvIX3f8QZjN4
.yieldmo.com/	1970-01-21 10:12:36	Name: yieldmo_id Value: VzqXZhhNerhnJ8wtENtZ%7C1733184000000%7C0
.ads.yieldmo.com/	1970-01-21 10:12:36	Name: re_sync Value: rc%3D1204465%7Cc%3D1204465%7Ct%3D1204465%7Cdv360%3D1204465%7Can%3D1204465
.upi.com/	1970-01-21 10:48:36	Name: __gads Value: ID=6708b4280adf830b:T=1733220694:RT=1733220694:S=ALNI_MaS8S5KIvxVgmfK40nQ80GrKtGETA
.upi.com/	1970-01-21 10:48:36	Name: __gpi Value: UID=00000f7f37fc7cfe:T=1733220694:RT=1733220694:S=ALNI_MbjtMagTkTc-wr9EkxXdE_OEq7uSw
.upi.com/	1970-01-21 05:46:12	Name: __eoi Value: ID=1f5800231d6c8577:T=1733220694:RT=1733220694:S=AA-AfjZwjPEJ_eh2JUA00-YwolKg
.3lift.com/	1970-01-21 03:36:36	Name: tluidp Value: 656991213752856503432
.cootlogix.com/	1970-01-21 02:10:12	Name: vdz_sync Value: 99c92f9f-78d6-8a17-7bf3-adbca50b944e
.cootlogix.com/	1970-01-21 01:27:01	Name: vdzj1_b26c27b4 Value: VgM12xICTUBCsc4BeA2szNSc2LRYRR2BfI2t1ZTF2dkNSAHFWSn1wNWVyckRTUSRSHipheHd0cEcGDXpVTCshZzYmdRAGUHBVG3p0YTdgb1FVB3BUGnl6YmJzcktXAXoGSXByYDR3dkZBGGBQHnp2ZzAkdRdUAHZUG3lzZWImIBZUVyZHVGt1YTAkcEdTAHVdSXEnYzNwJUsHVXJUTCtheHd3JUAGAHJdQSohY2IjdUNTBXUGG312MGFgb1FVAXZWT3hwMTEgIUpXB3JdHHwgZGV6e0dBGGBTSi8mYWIhIRcFA3ABTHxwbGRxd0ZSBCNHVGt1ZmUjcUVUBCAAGyslNmx1dkdUAnVVGS1heHd3JUBWBydXQC10YGFzIENTBXUBGyx0Nzdgb1FVBXBQSXkiMDR2cEACAnJVSX57Y2BydUdBaW5HGyY2OiFgeUNPFiUBCDthbi4%2Fb1EQUTEWESYtdm9gJkpQBydSHHxuYjBwe14GVntUVX97Z2NvcRcCUCYHHHAiMjdxYV9BVy0LFiwgIDwtLToHFnhHTnp7MmwncUMBVXNVTX8gMWwhc0UCUCZdWjQ%3D
.sharethrough.com/	1970-01-21 02:10:12	Name: stx_user_id Value: e7018f6b-47ba-44ed-ac79-482e16bc3d0e
.postrelease.com/	1970-01-21 10:12:36	Name: visitor Value: 7b098023-e881-4a16-b113-53440e92a083
.postrelease.com/	1970-01-21 10:12:36	Name: status Value: 0
.upi.com/	1970-01-21 01:27:02	Name: properSessionStorage Value: eyJ1dWlkIjoiMjMwNzkyZTItZTk1YS00OTY0LWE0NmItYjMxYWNiODFiOTQ4IiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLjAwMDU0LCJkeW5hbWljX2Zsb29ycyI6e30sIm5vX2JpZF9jbnQiOnt9LCJhdWN0aW9uX2NvdW50IjoxLCJsYXN0X3RocmVzaG9sZCI6MH0%3D
.upi.com/	1970-01-21 11:03:00	Name: _ga_BWJ5YG01BR Value: GS1.1.1733220692.1.0.1733220695.0.0.0
.doubleclick.net/	1970-01-21 11:03:00	Name: IDE Value: AHWqTUkzsh76t9l0GOS-DQDIqGghXW3DbKvq8cEiPyg5nJAEvEyOXCaOEZa7ah5Fpy0
.upi.com/	1970-01-21 10:12:36	Name: FCNEC Value: %5B%5B%22AKsRol9nXLHsghanG1yKEtZgyQBm-XPH6N3KyYotgd19AgrRFttAswtiArb3TT6Ib3Tkt2qlLh9AVgvxgK1-jn9cireDZOlFbFz95G9iVTyDDbF663TKn0BhAaTcwuEkHXQsIgKwx-owWLd8eyBYlLaomXh4VILUZg%3D%3D%22%5D%5D
.ads.yieldmo.com/	1970-01-21 10:12:36	Name: ptrt Value: f7c9fd7d-6960-4110-a217-428d06484f04
.ads.yieldmo.com/	1970-01-21 10:12:36	Name: ptrc Value: CAESEKbktiaPJqoWhiJAg6UDyJ8
.adform.net/	1970-01-21 02:11:39	Name: C Value: 1
.socdm.com/	1970-01-21 11:03:00	Name: SOC Value: Z07ZV8Co8YoAAH6avhoAAAAA
.googleadservices.com/	1970-01-21 03:36:36	Name: ar_debug Value: 1
.mediago.io/	1970-01-21 10:12:36	Name: __mguid_ Value: e94ce74f5f3d35362ue0qx00m48auo17
.zemanta.com/	1970-01-21 10:12:36	Name: zuid Value: pxUHBgp-4OVmc2yKBp5E
.doubleclick.net/	1970-01-21 02:10:12	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 05:46:12	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-21 02:53:24	Name: uid Value: 1477490157425142451
.doubleclick.net/	1970-01-21 05:46:12	Name: APC Value: AfxxVi6NdBj7b5ZEQpzj2IH7kDvJJRRaiVGJ-ud_ovjIj9FPpt0qbg
.contextweb.com/	1970-01-21 10:05:24	Name: V Value: qXMNgaGx26OG
.contextweb.com/	1970-01-21 10:05:24	Name: VP Value: part_qXMNgaGx26OG
.contextweb.com/	1970-01-21 10:12:36	Name: pb_rtb_ev Value: 3-1v45\|7bq.0.1
.contextweb.com/	1970-01-21 10:12:36	Name: pb_rtb_ev_part Value: 3-1v45\|7bq.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 65cd9b81f7f7cb86
.creativecdn.com/	1970-01-21 10:12:36	Name: ts Value: 1733220696
.creativecdn.com/	1970-01-21 10:12:36	Name: g Value: gY8qEt0fPjoMPFR7seVV_1733220696022
sync.srv.stackadapt.com/	1970-01-21 10:12:36	Name: sa-user-id Value: s%3A0-d6dfea3a-3430-5ded-40aa-a5e029ecd079.vJQI9glhGgmtj72dxww1DyNi9t98H2PN%2B4tN5y%2BreWk
.srv.stackadapt.com/	1970-01-21 10:12:36	Name: sa-user-id Value: s%3A0-d6dfea3a-3430-5ded-40aa-a5e029ecd079.vJQI9glhGgmtj72dxww1DyNi9t98H2PN%2B4tN5y%2BreWk
sync.srv.stackadapt.com/	1970-01-21 10:12:36	Name: sa-user-id-v2 Value: s%3A1t_qOjQwXe1AqqXgKezQeWfWFJQ.nVYn0lZ12g7agR8ZXZcXWf0S9mH6vEaOSzT9O0jvZt0
.srv.stackadapt.com/	1970-01-21 10:12:36	Name: sa-user-id-v2 Value: s%3A1t_qOjQwXe1AqqXgKezQeWfWFJQ.nVYn0lZ12g7agR8ZXZcXWf0S9mH6vEaOSzT9O0jvZt0
sync.srv.stackadapt.com/	1970-01-21 10:12:36	Name: sa-user-id-v3 Value: s%3AAQAKICMuOxx6ok6f-Hdvj5m61hmVOdfHLYoQborjHOx3N-aXEGcYBCDYsru6BjABOgSAOSS3QgQc82Fz.85s3oLBMk6mLtkGQCH0HjfowOT1JhEIDtfTht5LG3Vg
.srv.stackadapt.com/	1970-01-21 10:12:36	Name: sa-user-id-v3 Value: s%3AAQAKICMuOxx6ok6f-Hdvj5m61hmVOdfHLYoQborjHOx3N-aXEGcYBCDYsru6BjABOgSAOSS3QgQc82Fz.85s3oLBMk6mLtkGQCH0HjfowOT1JhEIDtfTht5LG3Vg
.pubmatic.com/	1970-01-21 03:36:36	Name: KRTBCOOKIE_80 Value: 22987-CAESEMP-jtRWXfmveHrxiTAw5nE&KRTB&16514-CAESEMP-jtRWXfmveHrxiTAw5nE&KRTB&23025-CAESEMP-jtRWXfmveHrxiTAw5nE&KRTB&23386-CAESEMP-jtRWXfmveHrxiTAw5nE
.ipredictive.com/	1970-01-21 10:12:36	Name: cu Value: f031e7de-5df5-4bb2-918e-e77126b9085f\|1733220696143
.rlcdn.com/	1970-01-21 10:12:36	Name: rlas3 Value: RGe+pitMjtLEnwEO6d6j1cw2lgPkOWy/+gjVhb9n6Dc=
.rlcdn.com/	1970-01-21 02:53:24	Name: pxrc Value: CNiyu7oGEgUI6AcQABIFCOhHEAA=
pool.admedo.com/	1970-01-21 10:12:36	Name: tuuid Value: 395e0097-2e08-45b8-8a14-cf0c98ec9d48
pool.admedo.com/	1970-01-21 10:12:36	Name: c Value: 1733220696
pool.admedo.com/	1970-01-21 10:12:36	Name: tuuid_lu Value: 1733220696
.rubiconproject.com/	1970-01-21 03:36:36	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 10:12:36	Name: CMID Value: Z07ZWIsFVWYAACJEApEf7QAA
.casalemedia.com/	1970-01-21 03:36:36	Name: CMPS Value: 4782
.casalemedia.com/	1970-01-21 03:36:36	Name: CMPRO Value: 4782
.simpli.fi/	1970-01-21 10:14:03	Name: suid Value: D32EEAEC9D664EE59C7F93A91C380135
.mathtag.com/	1970-01-21 10:52:55	Name: uuid Value: f33f674e-d958-4e00-b7e0-bf08eea5f25a
.pubmatic.com/	1970-01-21 02:10:12	Name: KRTBCOOKIE_148 Value: 19421-uid:D32EEAEC9D664EE59C7F93A91C380135&KRTB&23486-uid:D32EEAEC9D664EE59C7F93A91C380135&KRTB&23489-uid:D32EEAEC9D664EE59C7F93A91C380135&KRTB&23539-uid:D32EEAEC9D664EE59C7F93A91C380135
.pippio.com/	1970-01-21 10:12:36	Name: did Value: _UKOPb-UZZJfp16R
.pippio.com/	1970-01-21 10:12:36	Name: didts Value: 1733220696
.pippio.com/	1970-01-21 02:53:24	Name: nnls Value:
.pippio.com/	1970-01-21 02:53:24	Name: pxrc Value: CAA=
.linkedin.com/	1970-01-21 10:12:36	Name: bcookie Value: "v=2&0f3998d5-6d5b-4c83-83a9-5d9c06afdff9"
.linkedin.com/	1970-01-21 01:28:27	Name: lidc Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2988:u=1:x=1:i=1733220696:t=1733307096:v=2:sig=AQG8gBc8eBdJo70GklENqKAHvLGqoqS6"
.bidr.io/	1970-01-21 10:55:30	Name: bito Value: AACn207OnbMAABXL_4T53Q
.bidr.io/	1970-01-21 10:55:30	Name: bitoIsSecure Value: ok
.id5-sync.com/	1970-01-21 03:36:36	Name: id5 Value: d9be8701-aa07-7300-9180-be89697d2f39#1733220693432#3
.pubmatic.com/	1970-01-21 03:36:36	Name: KRTBCOOKIE_27 Value: 16735-uid:f33f674e-d958-4e00-b7e0-bf08eea5f25a
.lijit.com/	1970-01-21 10:12:36	Name: ljtrtb Value: eJwFwcENACAIBLBd%2BJOYQw5wHINTGHe3vQLaYMmS9LB0bGXDdXaVFgJKRCLj8LTL%2BxH8C3E%3D
.lijit.com/	1970-01-21 10:12:36	Name: _ljtrtb_80 Value: M48AUMPK-1G-BIL1
.rubiconproject.com/	1970-01-21 10:12:36	Name: audit_p Value: 1\|9Xy85aLvshnfrVOUWZQhdV/7AA5/gbgqSI38nk+LkLnnZnWO3YnNS4iMoOpX4VJL2s2CwzIRMOtBK03vAHceEHP0swe0RknJoRjbyWWLTN4j5+SvyefVPP84NJ4UGmTuUUZH53Ut4zUD0h+9b6PeZJHVrvShCsfXzY7yoJVHQ3jeJRBGYIPH7rKpUjWTmmg0
.rubiconproject.com/	1970-01-21 10:12:36	Name: audit Value: 1\|9Xy85aLvshnfrVOUWZQhdV/7AA5/gbgqSI38nk+LkLnnZnWO3YnNS4iMoOpX4VJL2s2CwzIRMOtBK03vAHceEHP0swe0RknJoRjbyWWLTN4j5+SvyefVPP84NJ4UGmTuUUZH53Ut4zUD0h+9b6PeZJHVrvShCsfXzY7yoJVHQ3jeJRBGYIPH7rKpUjWTmmg0
.semasio.net/	1970-01-21 10:12:36	Name: SEUNCY Value: 9ADE310F7E8A275
.primis.tech/	1970-01-21 02:03:00	Name: csuuid Value: 674ed95924dd5
.intentiq.com/	1970-01-21 11:03:00	Name: intentIQ Value: azW8Tw46sF
.intentiq.com/	1970-01-21 11:03:00	Name: IQver Value: 1.9
.intentiq.com/	1970-01-21 11:03:00	Name: CSDT Value: UEQ6MTUxMDZfMCZVVnQzUGxQ
.intentiq.com/	1970-01-21 11:03:00	Name: intentIQCDate Value: 1733220697814
.intentiq.com/	1970-01-21 11:03:00	Name: ASDT Value: 0
.intentiq.com/	1970-01-21 11:03:00	Name: IQPData Value: 1742083220#1733220697813#0#1733220697813
.ads.pubmatic.com/	1970-01-21 01:28:27	Name: KCCH Value: YES
.pubmatic.com/	1970-01-21 03:36:36	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-21 01:28:27	Name: pi Value: 0:4
.pubmatic.com/	1970-01-21 03:36:36	Name: DPSync4 Value: 1734393600%3A197_226_245%7C1733270400%3A248%7C1733788800%3A164
.pubmatic.com/	1970-01-21 03:36:36	Name: SyncRTB4 Value: 1734393600%3A247_266_220_21_7_8_22_56_201_13_71_54_3%7C1733788800%3A223_2%7C1734048000%3A63
.analytics.yahoo.com/	1970-01-21 10:12:36	Name: IDSYNC Value: "18y3~2m6a:18z8~2m6a"
.pubmatic.com/	1970-01-21 03:36:36	Name: KRTBCOOKIE_377 Value: 6810-f7c9fd7d-6960-4110-a217-428d06484f04&KRTB&22918-f7c9fd7d-6960-4110-a217-428d06484f04&KRTB&22926-f7c9fd7d-6960-4110-a217-428d06484f04&KRTB&23031-f7c9fd7d-6960-4110-a217-428d06484f04
.pubmatic.com/	1970-01-21 02:10:12	Name: KRTBCOOKIE_391 Value: 22924-1477490157425142451&KRTB&23231-1477490157425142451&KRTB&23263-1477490157425142451&KRTB&23481-1477490157425142451
.openx.net/	1970-01-21 10:12:36	Name: i Value: 59553886-8752-08ea-3dc1-e4352a69485a\|1733220698
.ambientdsp.com/	1970-01-21 01:28:27	Name: _aGeoIp Value: AU-Adelaide
.ambientdsp.com/	1970-01-21 11:03:00	Name: _aUID Value: 173qev69amdn
.openx.net/	1970-01-21 01:48:36	Name: pd Value: v2\|1733220698\|jIjElYiuvOuIlUialQhI
.quantserve.com/	1970-01-21 03:36:36	Name: sp Value: CggIiQ0SAxCFDg==
.adsrvr.org/	1970-01-21 10:12:36	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjQh9XenOPJPRAFEhYKB3J1Ymljb24SCwi-oajwnOPJPRAFEhcKCHB1Ym1hdGljEgsI3vTXhZ3jyT0QBRgBIAIoAjILCMbq2rKz48k9EAU4AVoIcHVibWF0aWNgAg..
.pubmatic.com/	1970-01-21 02:10:12	Name: SPugT Value: 1733220698
.pubmatic.com/	1970-01-21 02:10:12	Name: KRTBCOOKIE_1290 Value: 23368-173qev69amdn
.pubmatic.com/	1970-01-21 02:10:12	Name: KRTBCOOKIE_632 Value: 23041-G00ANx7Hwaloky0NAqjMMutiR8NR5mZPq1lTawUbUa0&KRTB&23047-G00ANx7Hwaloky0NAqjMMutiR8NR5mZPq1lTawUbUa0&KRTB&23234-G00ANx7Hwaloky0NAqjMMutiR8NR5mZPq1lTawUbUa0&KRTB&23361-G00ANx7Hwaloky0NAqjMMutiR8NR5mZPq1lTawUbUa0
.pubmatic.com/	1970-01-21 03:36:36	Name: KRTBCOOKIE_153 Value: 19420-v1LdUO1c3ACkUNgBulHEALpUiASkVtAE6wRpDisi&KRTB&22979-v1LdUO1c3ACkUNgBulHEALpUiASkVtAE6wRpDisi&KRTB&23462-v1LdUO1c3ACkUNgBulHEALpUiASkVtAE6wRpDisi
.pubmatic.com/	1970-01-21 02:10:12	Name: KRTBCOOKIE_22 Value: 14911-4210054937772327184&KRTB&23150-4210054937772327184&KRTB&23527-4210054937772327184&KRTB&23629-4210054937772327184
.socdm.com/	1970-01-21 11:03:00	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNzMzMjIwNjk4fQ
.ladsp.com/	1970-01-21 01:27:04	Name: cr Value: 1
.pubmatic.com/	1970-01-21 02:10:12	Name: PugT Value: 1733220698
.ladsp.com/	1970-01-21 11:03:00	Name: smn_uid Value: LEoIGOBJPUfztV9tBn9WniDtMuP7Lv8
.ladsp.com/	1970-01-21 11:03:00	Name: lum Value: CJOWhOC4MhIFCAMQ0AU
.id5-sync.com/	1970-01-21 03:36:36	Name: 3pi Value: 112#1733220698957#1061687292\|2#1733220699543#-404231659\|264#1733220697741#1052872068\|10#1733220697360#-740884691\|108#1733220698241#-604175672

41 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.upi.com/ Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: about:blank Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
network	error	URL: https://pixel.advertising.com/ups/58316/sync?redir=true&&callback=window.proper_a2ead438_4f52da54_2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
worker	error	URL: https://www.upi.com/ Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
worker	error	URL: https://www.upi.com/ Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
javascript	error	URL: https://www.upi.com/ Message: Access to XMLHttpRequest at 'https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6Ra2172E9APeYrjmleBEZlNn&bidId=6Ra2172E9APeYrjmleBEZlNn&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=8573852b-6d25-4d99-9272-6278287e6ed5&pubcid=8573852b-6d25-4d99-9272-6278287e6ed5&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22f87d3dee-ba65-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D' from origin 'https://www.upi.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=6Ra2172E9APeYrjmleBEZlNn&bidId=6Ra2172E9APeYrjmleBEZlNn&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=8573852b-6d25-4d99-9272-6278287e6ed5&pubcid=8573852b-6d25-4d99-9272-6278287e6ed5&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22f87d3dee-ba65-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.upi.com/ Message: Access to XMLHttpRequest at 'https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=AnJeZFgMGA52fQTo2RUQur4N&bidId=AnJeZFgMGA52fQTo2RUQur4N&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=8573852b-6d25-4d99-9272-6278287e6ed5&pubcid=8573852b-6d25-4d99-9272-6278287e6ed5&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22f87d3dee-ba65-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D' from origin 'https://www.upi.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=AnJeZFgMGA52fQTo2RUQur4N&bidId=AnJeZFgMGA52fQTo2RUQur4N&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=8573852b-6d25-4d99-9272-6278287e6ed5&pubcid=8573852b-6d25-4d99-9272-6278287e6ed5&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22f87d3dee-ba65-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.upi.com/ Message: Access to XMLHttpRequest at 'https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Yx1I35UitWmIX4DecygjkkpL&bidId=Yx1I35UitWmIX4DecygjkkpL&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=8573852b-6d25-4d99-9272-6278287e6ed5&pubcid=8573852b-6d25-4d99-9272-6278287e6ed5&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22f87d3dee-ba65-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D' from origin 'https://www.upi.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=Yx1I35UitWmIX4DecygjkkpL&bidId=Yx1I35UitWmIX4DecygjkkpL&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&shduid=8573852b-6d25-4d99-9272-6278287e6ed5&pubcid=8573852b-6d25-4d99-9272-6278287e6ed5&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22f87d3dee-ba65-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.upi.com/ Message: Access to XMLHttpRequest at 'https://aps.zqtk.net/30d863b2-37?url=https%3A%2F%2Fwww.upi.com%2F' from origin 'https://www.upi.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://aps.zqtk.net/30d863b2-37?url=https%3A%2F%2Fwww.upi.com%2F Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://www.upi.com/ Message: Refused to execute script from 'https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D8573852b-6d25-4d99-9272-6278287e6ed5%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_77819779_14bdfc33_1' because its MIME type ('image/gif') is not executable.
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	warning	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://cadmus.script.ac/d3terveqlssriz/script.js Message: The Content-Security-Policy directive 'frame-ancestors' contains 'frame-ancestors' as a source expression. Did you want to add it as a directive and forget a semicolon?

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	'SAMEORIGIN'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21ae7d89aebe0cf72e909854c5dacee5.safeframe.googlesyndication.com
a.ad.gt
a.teads.tv
aax.amazon-adsystem.com
abcheck.proper.io
acdn.adnxs.com
ad.doubleclick.net
ads.pubmatic.com
ai.browsiprod.com
analytics.google.com
ap.lijit.com
aps.zqtk.net
bcp.crwdcntrl.net
bidder.criteo.com
bids.proper.io
bis3.vidazoo.com
btlr.sharethrough.com
c.amazon-adsystem.com
cadmus.script.ac
cdn-ima.33across.com
cdn.ampproject.org
cdn.browsiprod.com
cdn.hadronid.net
cdn.id5-sync.com
cdnph.upi.com
ce.lijit.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
csi.gstatic.com
d.turn.com
d0.eu-3-id5-sync.com
d0.eu-4-id5-sync.com
d1.eu-3-id5-sync.com
d1.eu-4-id5-sync.com
d2.eu-3-id5-sync.com
d2.eu-4-id5-sync.com
d3.eu-3-id5-sync.com
d3.eu-4-id5-sync.com
d4.eu-3-id5-sync.com
d4.eu-4-id5-sync.com
d5.eu-3-id5-sync.com
d5.eu-4-id5-sync.com
d6.eu-3-id5-sync.com
d6.eu-4-id5-sync.com
d7.eu-3-id5-sync.com
d7.eu-4-id5-sync.com
dpm.demdex.net
eb.proper.io
eb2.3lift.com
eus.rubiconproject.com
events.browsiprod.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g2.gumgum.com
global.proper.io
hb.yellowblue.io
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
ids4.ad.gt
image2.pubmatic.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
p.ad.gt
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.advertising.com
pixel.quantserve.com
pixel.tapad.com
pixels.ad.gt
play.libsyn.com
prebid.cootlogix.com
prebid.media.net
propermedia-d.openx.net
proton.ad.gt
ps.eyeota.net
pxdrop.lijit.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
seg.ad.gt
static.chartbeat.com
static.criteo.net
static.vidazoo.com
stats.g.doubleclick.net
sync.go.sonobi.com
sync.teads.tv
tags.crwdcntrl.net
td.doubleclick.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
truncated
ups.analytics.yahoo.com
usync.proper.io
wserver.vidazoo.com
www.google-analytics.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.metimes.com
www.upi.com
x.bidswitch.net
yield-manager.browsiprod.com
aps.zqtk.net
btlr.sharethrough.com
pixel.advertising.com
ps.eyeota.net
securepubads.g.doubleclick.net
truncated
104.18.10.207
104.18.27.193
104.18.28.101
104.254.148.252
108.158.20.76
108.158.28.226
108.158.32.17
108.158.32.72
108.158.35.170
13.228.141.68
13.35.147.98
13.35.210.115
135.125.140.162
135.125.145.78
135.125.146.80
135.125.146.82
135.125.146.86
141.95.98.65
142.250.196.98
142.250.199.98
142.250.199.99
142.251.42.162
151.101.65.108
159.223.128.170
162.19.138.118
172.217.175.14
172.217.24.34
172.217.26.230
172.67.178.59
174.138.117.240
18.155.192.5
18.65.244.113
18.65.244.97
18.67.93.113
2001:4860:4802:32::178
2001:4860:4802:36::181
2001:df2:a300:bbbb::136
204.16.247.177
207.65.33.78
216.58.220.99
23.221.132.242
23.221.133.105
23.221.133.65
23.38.131.47
2404:6800:4004:813::2008
2404:6800:4004:81d::2002
2404:6800:4004:822::2003
2404:6800:4004:826::2001
2404:6800:4006:804::2001
2404:6800:4006:804::200a
2404:6800:4006:810::200e
2404:6800:4008:c07::9d
2406:2600:7:100::1
2406:2600:7:100::24
2406:6e00:f048:1fa::2000
2600:9000:2215:8a00:18:1fcd:354:4b41
2600:9000:277c:7a00:6:44e3:f8c0:93a1
2604:a880:400:d0::252f:1001
2606:4700:10::6816:34ad
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:266a
2606:4700:4400::6812:21b2
2606:4700::6812:120a
2606:4700::6812:1791
2607:f350:1:2569:0:10:0:c
2620:116:800e:21:a878:7c6e:cf7b:3362
3.0.107.214
34.111.113.62
34.120.63.153
34.210.155.102
34.95.69.49
34.98.64.218
35.213.7.90
35.227.252.103
35.244.193.51
35.80.102.85
44.199.159.192
44.225.145.61
44.231.120.165
44.235.123.73
51.195.115.36
51.195.126.30
51.195.127.100
51.195.127.115
51.195.34.220
51.195.34.222
51.195.34.255
51.195.73.113
51.195.73.82
52.223.2.229
52.223.40.198
52.74.95.248
54.148.15.86
54.188.228.126
54.253.214.62
54.68.191.138
67.199.150.86
69.173.158.64
69.173.158.65
72.247.223.184
98.82.156.207
001aca05bbd1a4edb06602ba33cda251c6abbe28f94add4ba997042ca228dfb3
0407e8c35ee32767361ef09ac112cecc2193a7576f84e49dc5f24e7ced0e6b58
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
077edbe4918e41b03f363d6c701046b146b61f9bc38e28350f1084d3016354ef
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e284c175ea1cd1866d5d88171f3ca5fcad2b370093f0ae7891c152827a12dd0
0ee7d90acfcf61e37a67097a1f97ddb90fd685f3e9dcb6ed34931f2b94713d8d
1125155a70f5835329ada5354f890c4ee41accf5e2d9130925a78a86c6821591
140f29ec46d27c427c73dffbf72c8af7d0f5f007168bac68cc787f1f5dfcda99
18f183b67d358849f0b4808bf8f900319903371e93c994fbea8053e39fb85e91
1962ffc7cb5cc545438e8676499ec68d01ad88e627f9397be49590661a4e247b
1b1528bf66881eff8ff756d297fdec1f2712c748ecf07b56f8f87fa0f0e0c830
1bc346884ec18e47cd10c326d3b101c6c4fded9f9f1877a06fccff2f91ec4915
1f2f3e73a5158ede7a20b6056b8a45dc19d4ccf382de0370eaf96e23064d30da
1f4a2f037f5138204350f102801704502ac32c2ca1849131f0f133c387434bf6
2345e6cbff5c4272c633dafc3d96b17107fa2bb3643fa3efa5ce4718c52adead
2541943eb1b759367d198f4b470134d85aadc1bf18a48da5e49de3c61b9a59ac
278685d4467e915e1a1ce58a24e15dcdefbd7719acf70a59655361c35f8e273d
29c3f84a188cd28b56472e456ac6f34f728f8a79c1e6ed8437e9c3a44e2957e8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3
2d0a54f4853d60dce70ae1b27d56d97e94770f546aeb9f3a25ca7a3fe860bec8
2d2bc4369d46bb6febd7aa823ffd9b347e7fe804f9d7ae6bff1afb8135bd7581
2f679f6be3a389388ac32d86727eac46e3d111f08906050ea598daf1fbc3574f
33bd5f1fdbcd6f3009cd1fe51b125ce3b770b846be8105b4f0f401edf6ef2c8a
35d5cf9ae2320f1806e16e983b73b0a27aafb569507809c01aab46c698800822
3682ce850eb37d9c7692129c5bb2df91e13d1dbb91cd6e3a6f0cf04f0c62c942
36b4ff7616d9ddd57312d4ca4c0903123d0313008102b307412d24314a79f150
3a07dbcc3ec874e46abfbed6e3b48876d3e781440e56edb18924d153df54f491
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3bf4f940a69cf7d1af0797f0371ddae937a8274190b22ebe165f0f7223b0e670
3d6343d927bd6f42d334242e2d540a3321641933ec01cf11354bdfa6518fc77d
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43
3fb37649db4d634ddf23efe4f3054dff925887babd612a22f12dc6d28336d8cc
41dc8772453d3a69d43eebef99169f5351ec084541d97678616a5763bb9c4b6e
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
4706a1140015223c3bd0cc307ebace5ca7064fc6d834b0e1b2de2ede7112a1c0
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03
48d611c460406f0653185a1447f5bf797eec3afa7c080b74205f4a8ea2729f3c
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
4e5a5d699c653f0019b2c11a4342f09535d6a8f725dffe7608fb0e9b166f9364
4f3b415c53c7a9bb18bedcc90e30d735e922f8121ad8494bb3792199abfb5b20
4ff3a504a43dc24f931fd24b40b2ea079027b4c971a002e9e8b87daa63aed4ae
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55944e6bd53a69181c4a7fec7e3e85ec889ae1f16b7436fbed7df8adb7a29cc5
559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd
597cc13828c2c283d9df2407c0c9ba011f5d9cf554c1792f16173fea3d308530
59add41e845abca045c214506602d803eccdf88f6056af96195de83de54fd58b
59c695d1e4948c5a67253eee786cf699a6de685a156ac167239f1d6546f140e3
5d2c99a28434f9d50ca6014759ddde35492fdfff42f22c63a3ab0cef3540588c
5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
65fb3a769d5b2cfc1f3e73d9db6b4e2a591576599ff0326ed764881992d8a206
6959ef2426f889b8992095f68c51ab219264d753fa9e1a0bf38b2809efab3369
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ab990c5346b7c5e092c7b1a001db0c632d657372cdfabadc40be65cea388bad
6b23c0d5f35d1b11f9b683f0b0a617355deb11277d91ae091d399c655b87940d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7442d5ba404c482128280bb0416c3d62c8d06868594c1a23892b06df1ee2983a
75b0c0279799a26556befac6a8069834770427601159d8bc49cb01c0634cee0a
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451
7a11168af079617eb83746731b45d55b24a108b277938f85ee379bea743236b7
7ebde833fa22dc90773c83a56dbc3295b7e19c46cb2bcbc5db9d9e6cad60721e
806871840e6f25ca20d436193756a82379c3a890f45204b437c18d490179ca31
812af34f04b9a6e6957304ad0bfe69b21fc794ec991d7c02d5948e1d224bb961
826a989e6e27d5a642c0cb26430d8d8c400c833bcd6e6d1097101ea5f39c60d9
836a224af188d2ebfee90a271b25baded165ec6f898c4e173ce3df443bb460f8
84e9ee69fca2b277085bf8b398111d1b4c75d15237024ee27ba9900fb2947880
851b5c94703e31d0d9dcf759766d3df8a83cf2dc23dce6dbcb06edc44a4f2454
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
909c13c8b232c721f3e80517fe52e6b18234ddafd7b9da3db8030ce33d736c42
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91f6f43f1e4ec370c8c8a5dde4a86e7697455d433c6c7aa72de0abee56aef50f
984b187e0c9eccf1b4430d4102464c71d8f768bfddbba40e6a453dc98234e64c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b45790d31b3e90e247842e3afbd112e600a66fe0de026437bf212d872817375
9ceb9b9fb1763f9367fc3c3c483eede18b73d9de8ed3103a70ed1fc0e8054847
9cf341e5c60b0820ef49653146a00a4dedc5e4acfe3c9a7c1c7186435af15322
9d85dc4b95e5453decb7bccf96248b36a72318647d47a76a2b9e5e1c9fb67f26
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2c49bc40bbfe94a72e924977b8d4ed43bdedc0b66e6b1da20654a96976dcb11
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
a81524b518670cc7546adf6f9a055b3ab7d299cb808b27f77c19e7563287d329
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58
ab0e57d6890165f76749bc838162b986c33a87d5e02cfede7c4bf2e8b6fcb79a
ab2ce7a605858febda81cd3408ddb9897e109b417d514d9c12cf0e1a89658ae4
abfecb6e1e752d6961b1c9b9da79fdf1edf2ac994bf21cfea10bb043424afa57
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
b0d756140ac108cb3d034c2ae7700a199afe7e8c533dc61e1e87cbf42994a91d
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
ba2591621ebf69fd2d68cdb16d0eb4bb40487c0a79179509645878f455df69ec
bbc1643a30190ad635d0bfb12e6955054210f91de62355742c987d388feecc73
bd20f4d03cbec8c337d62ff15bf83b07110199df3cd7eef422da0733228587d0
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c81de75cab5accbce049abaa5c238ecd04279d8c3b82f9541699728369cd37cd
c87a17f7ccdff0af1de2773d90f2a7a05f7cbddb3a749f3a4c66df774df9fdf6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d740a42c59fddbfe811ef28fa82189044959cce0bfc5d5b281605e1406f32c9e
d8726b63dbd6bbf37b1ddb7d6f7dbcfa82ae82c0ea56e8d3d579a69b9c5172a8
d95ef68aba30eecf80756ae2645af00669c14c2def73eb5d528a5f767e3392d0
da135bc6c618f8ccfd78f1e6b9cce78f90717098458399fe205553a8d7d04389
db668f24fafe0f612e843aa6f57526e0038ea68237666eceddb44ba964600fb7
df0074da75a9aaacce754861c52c7f77b3680d267ba71dbcdec61958d2c4dfab
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
e923c11bc59a9f8499f5371685aab1645b88fa5816e3c1b5c4211ea3d7f4bbfb
e92eba855f5a6a00e6ff999e1831248328069c3be4fd6e14aa45bc74404ae924
eadd018395818202cf33211bb6fa26e4455569f416d1ba94388b33d6650830af
eaf90fe5f37e3b05571d67b0426127fae192da77a2e2ad30b73b9a20c0b74468
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2d127de37b942baad06145e54b0c619a1f22327b2ebbcfbec78f5564afe39d
f0b745f08fdd0c8abd0610409973433e28c288cce88fdceeb9093808a5ee937c
f1f00f1995aa49a6d31cdc6412adc4ec2281dfe41b9e6f3c6722cdbfbd8a12bc
f2b0296a50cfc3b95732127bebb92feb0b777f841fc4ad2739226d0994c349fe
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85
f4a66f520e5a1676afa712f63b38fec877047301b208e1d2df15fd94d16a2435
f50dc9908f42739da1c6f05d36d7a853da526c72cf63dc423732756ec2f7f3c7
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9
fa843245814c185e1139a54052cf819ea23a33ac393d90f3525958116681e8be
fc6782ed743970d404924d7962eaaa2a89b9b78384a609ae808374bd605bc5d6
fd729552215a6aef18570faca151d7079488e9bd97b077de1d8f4370171886a1
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1

www.upi.com Open in urlscan Pro 2606:4700::6812:120a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

205 Requests

90 %HTTPS

26 %IPv6

59 Domains

116 Subdomains

95 IPs

12 Countries

2393 kBTransfer

6196 kBSize

158 Cookies

7 Outgoing links

Page URL History

Redirected requests

205 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.upi.com Open in urlscan Pro
2606:4700::6812:120a Public Scan

Screenshot
Live screenshot

Full Image

205
Requests

90 %
HTTPS

26 %
IPv6

59
Domains

116
Subdomains

95
IPs

12
Countries

2393 kB
Transfer

6196 kB
Size

158
Cookies

205 HTTP transactions
3 data transactions